This paper discover the most administration security issues in Cloud Computing in term of trustworthy and gives the reader a big visualization of the concept of the Service Level Agreement in Cloud Computing and it’s some security issues. Finding a model that mostly guarantee that the data be saved secure within setting for factors which are data location, duration of keeping the data in cloud environment, trust between customer and provider, and procedure of formulating the SLA.
Topic: Cloud Computing
Type: Research Paper Subject: Information Technology
Academic Level: Undergraduate
Style: MLA
Language: English (U.S)
Number of pages: 8 (double spaced, Times New Roman, Font 12)
Number of sources: 5
Task details
Write a 2000-word research paper that discusses the current state-of-the-art in cloud computing. The paper should discuss both the currently available technology and possible
New developments and designs to come in the next decade. The sources for your paper
are limited to the primary articles (not columns) in IEEE publications that have appeared
Since Jan. 2009:
Cloud computing has sweeping impact on the human productivity. Today it’s used for Computing, Storage, Predictions and Intelligent Decision Making, among others. Intelligent Decision-Making using Machine Learning has pushed for the Cloud Services to be even more fast, robust and accurate. Security remains one of the major concerns which affect the cloud computing growth however there exist various research challenges in cloud computing adoption such as lack of well managed service level agreement (SLA), frequent disconnections, resource scarcity, interoperability, privacy, and reliability. Tremendous amount of work still needs to be done to explore the security challenges arising due to widespread usage of cloud deployment using Containers. We also discuss Impact of Cloud Computing and Cloud Standards. Hence in this research paper, a detailed survey of cloud computing, concepts, architectural principles, key services, and implementation, design and deployment challenges of cloud computing are discussed in detail and important future research directions in the era of Machine Learning and Data Science have been identified.
Cloud computing technology security and trust challengesijsptm
A let of exclusive features such as high functionality and low cost have made cloud computing a valuable
technology. These remarkable features give users and companies, countless opportunities to reach their
goals spending minimum cost and time. Looking at the literature of this technology, it can be claimed that
the main concerns of the users of cloud are security issues especially trust. Unfortunately these concerns
have not been tackled yet. Therefore we decided to introduce a useful and functioned way to create more
trust among consumers to use this technology .In this paper we suggest the foundation of an international
certification institute for the service providing companies in order to increase trust and enhance likeliness
of using this new and valuable technology among people. Practicality of the technology will improve it and
will make its security better by providers.
The Riisk and Challllenges off Clloud ComputtiingIJERA Editor
Cloud computing is a computing technology aiming to share storage, computation, and services transparently
among a massive users. Current cloud computing systems pose serious limitation to protecting the confidentiality
of user data. Since the data share and stored is presented in unencrypted forms to remote machines owned and
operated by third party service providers despite it sensitivity (example contact address, mails), the risks of
disclosing user confidential data by service providers may be quite high and the risk of attacking cloud storage
by third party is also increasing. The purpose of this study is to review researches done on this technology,
identify the security risk and explore some techniques for protecting users‟ data from attackers in the cloud.
Cloud Computing Security Issues and ChallengesCSCJournals
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Topic: Cloud Computing
Type: Research Paper Subject: Information Technology
Academic Level: Undergraduate
Style: MLA
Language: English (U.S)
Number of pages: 8 (double spaced, Times New Roman, Font 12)
Number of sources: 5
Task details
Write a 2000-word research paper that discusses the current state-of-the-art in cloud computing. The paper should discuss both the currently available technology and possible
New developments and designs to come in the next decade. The sources for your paper
are limited to the primary articles (not columns) in IEEE publications that have appeared
Since Jan. 2009:
Cloud computing has sweeping impact on the human productivity. Today it’s used for Computing, Storage, Predictions and Intelligent Decision Making, among others. Intelligent Decision-Making using Machine Learning has pushed for the Cloud Services to be even more fast, robust and accurate. Security remains one of the major concerns which affect the cloud computing growth however there exist various research challenges in cloud computing adoption such as lack of well managed service level agreement (SLA), frequent disconnections, resource scarcity, interoperability, privacy, and reliability. Tremendous amount of work still needs to be done to explore the security challenges arising due to widespread usage of cloud deployment using Containers. We also discuss Impact of Cloud Computing and Cloud Standards. Hence in this research paper, a detailed survey of cloud computing, concepts, architectural principles, key services, and implementation, design and deployment challenges of cloud computing are discussed in detail and important future research directions in the era of Machine Learning and Data Science have been identified.
Cloud computing technology security and trust challengesijsptm
A let of exclusive features such as high functionality and low cost have made cloud computing a valuable
technology. These remarkable features give users and companies, countless opportunities to reach their
goals spending minimum cost and time. Looking at the literature of this technology, it can be claimed that
the main concerns of the users of cloud are security issues especially trust. Unfortunately these concerns
have not been tackled yet. Therefore we decided to introduce a useful and functioned way to create more
trust among consumers to use this technology .In this paper we suggest the foundation of an international
certification institute for the service providing companies in order to increase trust and enhance likeliness
of using this new and valuable technology among people. Practicality of the technology will improve it and
will make its security better by providers.
The Riisk and Challllenges off Clloud ComputtiingIJERA Editor
Cloud computing is a computing technology aiming to share storage, computation, and services transparently
among a massive users. Current cloud computing systems pose serious limitation to protecting the confidentiality
of user data. Since the data share and stored is presented in unencrypted forms to remote machines owned and
operated by third party service providers despite it sensitivity (example contact address, mails), the risks of
disclosing user confidential data by service providers may be quite high and the risk of attacking cloud storage
by third party is also increasing. The purpose of this study is to review researches done on this technology,
identify the security risk and explore some techniques for protecting users‟ data from attackers in the cloud.
Cloud Computing Security Issues and ChallengesCSCJournals
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
A traditional computing environment requires a costly
infrastructure to offer a better service to users. The introduction
of cloud computing has changed the working environment from
traditional to virtual. A larger number of IT companies are
utilizing the cloud. On the one hand, the cloud attracts more
number of consumers by offering services with minimized
capital cost and virtual infrastructure. On the other hand, there
are a risk and security challenges in cloud computing that
makes the user not to move completely towards it. The cloud
environment is more vulnerable to security breaches and data
theft. Moreover, insider attacks are more frequent in larger
enterprises. An unauthenticated user can cause more damage
to company reputation. The cloud service providers are trying
to provide a secure work environment for users. However,
there is a lack of global standards and policies to invoke
security measures in cloud computing. This study aims to
highlight and classify security challenges and trust issues in the
cloud environment.
The survey was conducted in various institutions and
governmental organizations in Saudi Arabia to study the
opinions of stakeholders on cloud computing security
challenges and risks.
Links:
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
Data Security in Mobile Cloud Computing A State of the Art ReviewRida Qayyum
Due to tremendous use of smartphones the concern of cloud computing in mobile devices emerges, which is known as Mobile Cloud Computing (MCC). It involves the usage of mobile devices and cloud computing to perform resource intensive tasks using the internet with minimum impact on cellular resources. Nowadays, people are relying on mobile devices due to their small size and user friendly interface but due to its limited storage capacity, people can no more rely on internal RAM. Therefore, this promotes a drastic need for technology to make it possible for anyone to access their data anywhere anytime. As a result, Mobile Cloud Computing facilitates mobile users with its enticing technology by providing its on-demand and scalable services. But privacy and security are the main concern for a mobile user in the modern era. Thus, issues regarding security can be divided into cloud security and mobile network user’s security, respectively. However, the primary focus of this study is to analyze how to secure the user's data in a mobile cloud. Leading to objectives, the current study presents a comprehensive analysis of existing techniques that can be considered for securing data in MCC efficiently. Moreover, this work will contribute a state-of-the-art roadmap to research and development communities for the right selection of proposed approach.
Single Sign-on Authentication Model for Cloud Computing using KerberosDeepak Bagga
ABSTRACT
In today’s organizations need for several new resources and storage requirements for terabytes of data is generated every day. Cloud computing provides solution for this in a cost effective and efficient manner. Cloud computing provides on demand resources as services to clients. Cloud is highly scalable and flexible. Although it is benefiting the clients in several ways but as data is stored remotely it has many security loopholes like attacks, data lose, other security and authentication issues. In this paper we are proposing an authentication model for cloud computing based on the Kerberos protocol to provide single sign-on and to prevent against DDOS attacks. This model can benefit by filtering against unauthorized access and to reduce the burden, computation and memory usage of cloud against authentication checks for each client. It acts as a third party between cloud servers and clients to allow secure access to cloud services. In this paper we will see some of the related work for cloud security issues and attacks. Then in next section we will discuss the proposed architecture, its working and sequential process of message transmission. Next we will see how it can prevent against DDOS attacks, some benefits and how it provides single sign-on.
Challenges and Proposed Solutions for Cloud ForensicIJERA Editor
Cloud computing is a heavily evolving topic in information technology (IT). Rather than creating, deploying and managing a physical IT infrastructure to host their software applications, organizations are increasingly deploying their infrastructure into remote, virtualized environments, often hosted and managed by third parties. Due to this large scale, in case an attack over the network of cloud, it’s a great challenge to investigate to cloud. There is a very low research done to develop the theory and practice of cloud forensic. The investigator has huge challenge of getting the IP address of the culprit as there is dynamic IP in cloud computing. Also one among many problems is that the customer is only concerned of security and threat of unknown. The cloud service provider never lets customer see what is behind "virtual curtain" which leads customer more doubting for the security and threat issue. In cloud forensics, the lack of physical access leads to big challenge for investigator. In this paper we are presenting few common challenges which arise in cloud forensic and proposed solution to it. We will also discuss the in brief about cloud computing and cloud forensic.
The AIRCC's International Journal of Computer Science and Information Technology (IJCSIT) is devoted to fields of Computer Science and Information Systems. The IJCSIT is a open access peer-reviewed scientific journal published in electronic form as well as print form. The mission of this journal is to publish original contributions in its field in order to propagate knowledge amongst its readers and to be a reference publication.
This research analysis will go over the various encryption methods and summarize the previous research in encryption that has been done to this point. The advantages of Symmetric and Asymmetric Encryption will be discussed in terms of security and efficiency. As encryption becomes more advanced, so the need for proper key management increases as well. This paper will conclude with a look at what could be the future of cloud encryption, Homomorphic Encryption.
Authenticated and unrestricted auditing of big data space on cloud through v...IJMER
Cloud unlocks a different era in Information technology where it has the capability of providing the customers with a variety of scalable and flexible services. Cloud provides these services through a prepaid system, which helps the customers cut down on large investments on IT hardware
and other infrastructure. Also according to the Cloud viewpoint, customers don’t have control on their
respective data. Hence security of data is a big issue of using a Cloud service. Present work shows that
the data auditing can be done by any third party agent who is trusted and known as auditor. The auditor can verify the integrity of the data without having the ownership of the actual data. There are many disadvantages for the above approach. One of them is the absence of a required verification procedure among the auditor and service provider which means any person can ask for the verification of the file which puts this auditing at certain risk. Also in the existing scheme the data updates can be
done only for coarse granular updates i.e. blocks with the uneven size. And hence resulting in repeated communication and updating of auditor for a whole file block causing higher communication costs and
requires more storage space. In this paper, the emphasis is to give a proper breakdown for types of
fixed granular updates and put forward a design that will be capable to maintain authenticated and unrestricted auditing. Based on this system, there is also an approach for remarkably decreasing the communication costs for auditing little updates
A Critical Survey on Privacy Prevailing in Mobile Cloud Computing: Challenges...Rida Qayyum
With the explosive growth of mobile applications and extensive praxis of cloud computing, mobile cloud computing has been introduced to be a potential technology for mobile services. But privacy is the main concern for a mobile user in the modern era. In the current study, we address the privacy challenges faced by mobile users while outsourcing their data to the service provider for storage and processing. However, a secure mobile user is required to protect these fundamental privacy factors such as their personal data, real identity, current location and the actual query sent to the cloud vendor server while availing different cloud services. Under these privacy metrics, we evaluated the existing approaches that are counting privacy challenge in mobile cloud computing. The primary focus of this study is to presents a critical survey of recent privacy protection techniques. Leading to objective, the current study conduct a comparative analysis of these state of the art methods with their strong points, privacy level and scalability. After analysis, this paper suggests the pseudo-random permutation method could be a promising solution that can be taken into consideration for preserving user personal information and data query privacy in MCC more efficiently. Primarily, the purpose of the survey was to focus on further advancements of the suggested method. Furthermore, we present the future research directions in the mobile cloud computing paradigms.
Abstract: Distributed computing is a situated of IT administrations that are given to a client more than a system on a rented premise and with the capacity to scale up or down their administration necessities. Generally cloud registering administrations are conveyed by an outsider supplier who possesses the foundation. It favorable circumstances to specify yet a couple incorporate versatility, strength, adaptability, productivity and outsourcing non-center exercises. Distributed computing offers an imaginative plan of action for associations to receive IT benefits without forthright speculation. Notwithstanding the potential increases accomplished from the distributed computing, the associations are moderate in tolerating it because of security issues and difficulties connected with it. Security is one of the significant issues which hamper the development of cloud. The thought of giving over vital information to another organization is troubling; such that the shoppers should be cautious in comprehension the dangers of information breaks in this new environment. This paper presents a point by point examination of the distributed computing security issues furthermore, difficulties concentrating on the distributed computing sorts and the administration conveyance sorts.Keywords: Cloud Computing, Scalability, Infrastructure, IT.
Title: Cloud Computing Security Issues and Challenges
Author: Nishant Katiyar
ISSN 2350-1022
International Journal of Recent Research in Mathematics Computer Science and Information Technology
Paper Publications
Enhancing Data Integrity in Multi Cloud StorageIJERA Editor
Cloud computing is a way to increase the capacity or add capabilities dynamically without investing in new infrastructure, training new personnel, or licensing new software. Cloud is surrounded by many security issues like securing data and examining the utilization of cloud by the cloud computing vendors. Security is one of the major issues which reduce the growth of cloud computing. A large number of clients or data owners store their data on servers in the cloud and it is provided back to them whenever needed. The data provided should not be jeopardized. Data integrity should be taken into account so that the data is correct, consistent and accessible. For ensuring the integrity in cloud computing environment, cloud storage providers should be trusted. Dealing with single cloud providers is predicted to become less secure with customers due to risks of service availability, failure and the possibility of malicious insiders in the single cloud. This paper deals with multi cloud environments to resolve these issues. The integrity of the data in multi cloud storage has been provided with the help of trusted third party using cryptographic algorithm.
Assurance of Security and Privacy Requirements for Cloud Deployment ModelIJMTST Journal
Regardless of the few advantages of relocating endeavor basic resources for the Cloud, there are challenges particularly identified with security and protection. It is imperative that Cloud Users comprehend their security and protection needs, in light of their particular setting and select cloud show best fit to help these requirements. The writing gives works that attention on talking about security and protection issues for cloud frameworks yet such works don't give a nitty gritty methodological way to deal with evoke security and security necessities neither one of the to choose cloud arrangement models in view of fulfillment of these prerequisites by Cloud Service Providers. This work propels the present best in class towards this bearing. Specifically, we consider necessities designing ideas to inspire and dissect security and protection prerequisites and their related instruments utilizing an applied structure and an orderly procedure. The work presents confirmation as proof for fulfilling the security and protection necessities as far as culmination and reportable of security occurrence through review. This enables point of view cloud clients to characterize their confirmation prerequisites with the goal that proper cloud models can be chosen for a given setting. To exhibit our work, we display comes about because of a genuine contextual analysis in view of the Greek National Gazette.
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
The paradigm called “Cloud computing” acts as a mechanism for attaining the resources of shared technology and infrastructure cost-effectively. The on-demand services are accomplished to execute the various operations across the network. Regularly, the last client doesn't know about the area of open physical assets and devices. Developing, using, and dealing with their applications 'on the cloud', which includes virtualization of assets that keeps and guides itself are led by arranged activities to clients. Calculation experience the new methodology of cloud computing which perhaps keeps the world and can set up all the human necessities. At the end of the day, cloud computing is the ensuing normal step in the development of on-request data innovation administrations and items. The Cloud is an allegory for the Internet and is an idea for the secured confused foundation; it likewise relies upon drawing network graphs on a computer. In this work, thorough investigations of distributed computing security and protection concerns are given. The work distinguishes both the identified and unidentified attacks, vulnerabilities in the cloud, security attacks and also the solutions to control these threats and attacks. Moreover, the restrictions of the present solutions and offers various perceptions of security viewpoints are distinguished and explored. At long last, a cloud security system is given in which the different lines of protection and the reliance levels among them are identified.
A h k clustering algorithm for high dimensional data using ensemble learningijitcs
Advances made to the traditional clustering algorithms solves the various problems such as curse of
dimensionality and sparsity of data for multiple attributes. The traditional H-K clustering algorithm can
solve the randomness and apriority of the initial centers of K-means clustering algorithm. But when we
apply it to high dimensional data it causes the dimensional disaster problem due to high computational
complexity. All the advanced clustering algorithms like subspace and ensemble clustering algorithms
improve the performance for clustering high dimension dataset from different aspects in different extent.
Still these algorithms will improve the performance form a single perspective. The objective of the
proposed model is to improve the performance of traditional H-K clustering and overcome the limitations
such as high computational complexity and poor accuracy for high dimensional data by combining the
three different approaches of clustering algorithm as subspace clustering algorithm and ensemble
clustering algorithm with H-K clustering algorithm.
MOBILE TELEVISION: UNDERSTANDING THE TECHNOLOGY AND OPPORTUNITIES15ijitcs01ijitcs
Television have converged the technologies of movies and radio and now being converged with mobile phones. Mobile TV is the result of the convergence between mobile devices and television. Mobile TV is a key device and service that enrich civilization with applications, vast market and great investment. Mobile TV is an important subject that has a potential impact on leading edge technologies for promising future. In
the time being Mobile TV is still in its early stages and has many potential; therefore some applications
such as mobile advertising and learning are discussed in this paper. When it comes to advertising, Mobile TV presents a new opportunity different from the traditional TV advertisements producing an interactive type of advertisements, enabling user engagement. While in the case of mobile learning, mobile devices open up new chances for absorbing knowledge and most recent information without forgetting the practical experience aspect.
A LOW COST EEG BASED BCI PROSTHETIC USING MOTOR IMAGERY ijitcs
Brain Computer Interfaces (BCI) provide the opportunity to control external devices using the brain
ElectroEncephaloGram (EEG) signals. In this paper we propose two software framework in order to
control a 5 degree of freedom robotic and prosthetic hand. Results are presented where an Emotiv
Cognitive Suite (i.e. the 1st framework) combined with an embedded software system (i.e. an open source
Arduino board) is able to control the hand through character input associated with the taught actions of
the suite. This system provides evidence of the feasibility of brain signals being a viable approach to
controlling the chosen prosthetic. Results are then presented in the second framework. This latter one
allowed for the training and classification of EEG signals for motor imagery tasks. When analysing the
system, clear visual representations of the performance and accuracy are presented in the results using a
confusion matrix, accuracy measurement and a feedback bar signifying signal strength. Experiments with
various acquisition datasets were carried out and with a critical evaluation of the results given. Finally
depending on the classification of the brain signal a Python script outputs the driving command to the
Arduino to control the prosthetic. The proposed architecture performs overall good results for the design
and implementation of economically convenient BCI and prosthesis.
A traditional computing environment requires a costly
infrastructure to offer a better service to users. The introduction
of cloud computing has changed the working environment from
traditional to virtual. A larger number of IT companies are
utilizing the cloud. On the one hand, the cloud attracts more
number of consumers by offering services with minimized
capital cost and virtual infrastructure. On the other hand, there
are a risk and security challenges in cloud computing that
makes the user not to move completely towards it. The cloud
environment is more vulnerable to security breaches and data
theft. Moreover, insider attacks are more frequent in larger
enterprises. An unauthenticated user can cause more damage
to company reputation. The cloud service providers are trying
to provide a secure work environment for users. However,
there is a lack of global standards and policies to invoke
security measures in cloud computing. This study aims to
highlight and classify security challenges and trust issues in the
cloud environment.
The survey was conducted in various institutions and
governmental organizations in Saudi Arabia to study the
opinions of stakeholders on cloud computing security
challenges and risks.
Links:
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
Data Security in Mobile Cloud Computing A State of the Art ReviewRida Qayyum
Due to tremendous use of smartphones the concern of cloud computing in mobile devices emerges, which is known as Mobile Cloud Computing (MCC). It involves the usage of mobile devices and cloud computing to perform resource intensive tasks using the internet with minimum impact on cellular resources. Nowadays, people are relying on mobile devices due to their small size and user friendly interface but due to its limited storage capacity, people can no more rely on internal RAM. Therefore, this promotes a drastic need for technology to make it possible for anyone to access their data anywhere anytime. As a result, Mobile Cloud Computing facilitates mobile users with its enticing technology by providing its on-demand and scalable services. But privacy and security are the main concern for a mobile user in the modern era. Thus, issues regarding security can be divided into cloud security and mobile network user’s security, respectively. However, the primary focus of this study is to analyze how to secure the user's data in a mobile cloud. Leading to objectives, the current study presents a comprehensive analysis of existing techniques that can be considered for securing data in MCC efficiently. Moreover, this work will contribute a state-of-the-art roadmap to research and development communities for the right selection of proposed approach.
Single Sign-on Authentication Model for Cloud Computing using KerberosDeepak Bagga
ABSTRACT
In today’s organizations need for several new resources and storage requirements for terabytes of data is generated every day. Cloud computing provides solution for this in a cost effective and efficient manner. Cloud computing provides on demand resources as services to clients. Cloud is highly scalable and flexible. Although it is benefiting the clients in several ways but as data is stored remotely it has many security loopholes like attacks, data lose, other security and authentication issues. In this paper we are proposing an authentication model for cloud computing based on the Kerberos protocol to provide single sign-on and to prevent against DDOS attacks. This model can benefit by filtering against unauthorized access and to reduce the burden, computation and memory usage of cloud against authentication checks for each client. It acts as a third party between cloud servers and clients to allow secure access to cloud services. In this paper we will see some of the related work for cloud security issues and attacks. Then in next section we will discuss the proposed architecture, its working and sequential process of message transmission. Next we will see how it can prevent against DDOS attacks, some benefits and how it provides single sign-on.
Challenges and Proposed Solutions for Cloud ForensicIJERA Editor
Cloud computing is a heavily evolving topic in information technology (IT). Rather than creating, deploying and managing a physical IT infrastructure to host their software applications, organizations are increasingly deploying their infrastructure into remote, virtualized environments, often hosted and managed by third parties. Due to this large scale, in case an attack over the network of cloud, it’s a great challenge to investigate to cloud. There is a very low research done to develop the theory and practice of cloud forensic. The investigator has huge challenge of getting the IP address of the culprit as there is dynamic IP in cloud computing. Also one among many problems is that the customer is only concerned of security and threat of unknown. The cloud service provider never lets customer see what is behind "virtual curtain" which leads customer more doubting for the security and threat issue. In cloud forensics, the lack of physical access leads to big challenge for investigator. In this paper we are presenting few common challenges which arise in cloud forensic and proposed solution to it. We will also discuss the in brief about cloud computing and cloud forensic.
The AIRCC's International Journal of Computer Science and Information Technology (IJCSIT) is devoted to fields of Computer Science and Information Systems. The IJCSIT is a open access peer-reviewed scientific journal published in electronic form as well as print form. The mission of this journal is to publish original contributions in its field in order to propagate knowledge amongst its readers and to be a reference publication.
This research analysis will go over the various encryption methods and summarize the previous research in encryption that has been done to this point. The advantages of Symmetric and Asymmetric Encryption will be discussed in terms of security and efficiency. As encryption becomes more advanced, so the need for proper key management increases as well. This paper will conclude with a look at what could be the future of cloud encryption, Homomorphic Encryption.
Authenticated and unrestricted auditing of big data space on cloud through v...IJMER
Cloud unlocks a different era in Information technology where it has the capability of providing the customers with a variety of scalable and flexible services. Cloud provides these services through a prepaid system, which helps the customers cut down on large investments on IT hardware
and other infrastructure. Also according to the Cloud viewpoint, customers don’t have control on their
respective data. Hence security of data is a big issue of using a Cloud service. Present work shows that
the data auditing can be done by any third party agent who is trusted and known as auditor. The auditor can verify the integrity of the data without having the ownership of the actual data. There are many disadvantages for the above approach. One of them is the absence of a required verification procedure among the auditor and service provider which means any person can ask for the verification of the file which puts this auditing at certain risk. Also in the existing scheme the data updates can be
done only for coarse granular updates i.e. blocks with the uneven size. And hence resulting in repeated communication and updating of auditor for a whole file block causing higher communication costs and
requires more storage space. In this paper, the emphasis is to give a proper breakdown for types of
fixed granular updates and put forward a design that will be capable to maintain authenticated and unrestricted auditing. Based on this system, there is also an approach for remarkably decreasing the communication costs for auditing little updates
A Critical Survey on Privacy Prevailing in Mobile Cloud Computing: Challenges...Rida Qayyum
With the explosive growth of mobile applications and extensive praxis of cloud computing, mobile cloud computing has been introduced to be a potential technology for mobile services. But privacy is the main concern for a mobile user in the modern era. In the current study, we address the privacy challenges faced by mobile users while outsourcing their data to the service provider for storage and processing. However, a secure mobile user is required to protect these fundamental privacy factors such as their personal data, real identity, current location and the actual query sent to the cloud vendor server while availing different cloud services. Under these privacy metrics, we evaluated the existing approaches that are counting privacy challenge in mobile cloud computing. The primary focus of this study is to presents a critical survey of recent privacy protection techniques. Leading to objective, the current study conduct a comparative analysis of these state of the art methods with their strong points, privacy level and scalability. After analysis, this paper suggests the pseudo-random permutation method could be a promising solution that can be taken into consideration for preserving user personal information and data query privacy in MCC more efficiently. Primarily, the purpose of the survey was to focus on further advancements of the suggested method. Furthermore, we present the future research directions in the mobile cloud computing paradigms.
Abstract: Distributed computing is a situated of IT administrations that are given to a client more than a system on a rented premise and with the capacity to scale up or down their administration necessities. Generally cloud registering administrations are conveyed by an outsider supplier who possesses the foundation. It favorable circumstances to specify yet a couple incorporate versatility, strength, adaptability, productivity and outsourcing non-center exercises. Distributed computing offers an imaginative plan of action for associations to receive IT benefits without forthright speculation. Notwithstanding the potential increases accomplished from the distributed computing, the associations are moderate in tolerating it because of security issues and difficulties connected with it. Security is one of the significant issues which hamper the development of cloud. The thought of giving over vital information to another organization is troubling; such that the shoppers should be cautious in comprehension the dangers of information breaks in this new environment. This paper presents a point by point examination of the distributed computing security issues furthermore, difficulties concentrating on the distributed computing sorts and the administration conveyance sorts.Keywords: Cloud Computing, Scalability, Infrastructure, IT.
Title: Cloud Computing Security Issues and Challenges
Author: Nishant Katiyar
ISSN 2350-1022
International Journal of Recent Research in Mathematics Computer Science and Information Technology
Paper Publications
Enhancing Data Integrity in Multi Cloud StorageIJERA Editor
Cloud computing is a way to increase the capacity or add capabilities dynamically without investing in new infrastructure, training new personnel, or licensing new software. Cloud is surrounded by many security issues like securing data and examining the utilization of cloud by the cloud computing vendors. Security is one of the major issues which reduce the growth of cloud computing. A large number of clients or data owners store their data on servers in the cloud and it is provided back to them whenever needed. The data provided should not be jeopardized. Data integrity should be taken into account so that the data is correct, consistent and accessible. For ensuring the integrity in cloud computing environment, cloud storage providers should be trusted. Dealing with single cloud providers is predicted to become less secure with customers due to risks of service availability, failure and the possibility of malicious insiders in the single cloud. This paper deals with multi cloud environments to resolve these issues. The integrity of the data in multi cloud storage has been provided with the help of trusted third party using cryptographic algorithm.
Assurance of Security and Privacy Requirements for Cloud Deployment ModelIJMTST Journal
Regardless of the few advantages of relocating endeavor basic resources for the Cloud, there are challenges particularly identified with security and protection. It is imperative that Cloud Users comprehend their security and protection needs, in light of their particular setting and select cloud show best fit to help these requirements. The writing gives works that attention on talking about security and protection issues for cloud frameworks yet such works don't give a nitty gritty methodological way to deal with evoke security and security necessities neither one of the to choose cloud arrangement models in view of fulfillment of these prerequisites by Cloud Service Providers. This work propels the present best in class towards this bearing. Specifically, we consider necessities designing ideas to inspire and dissect security and protection prerequisites and their related instruments utilizing an applied structure and an orderly procedure. The work presents confirmation as proof for fulfilling the security and protection necessities as far as culmination and reportable of security occurrence through review. This enables point of view cloud clients to characterize their confirmation prerequisites with the goal that proper cloud models can be chosen for a given setting. To exhibit our work, we display comes about because of a genuine contextual analysis in view of the Greek National Gazette.
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
The paradigm called “Cloud computing” acts as a mechanism for attaining the resources of shared technology and infrastructure cost-effectively. The on-demand services are accomplished to execute the various operations across the network. Regularly, the last client doesn't know about the area of open physical assets and devices. Developing, using, and dealing with their applications 'on the cloud', which includes virtualization of assets that keeps and guides itself are led by arranged activities to clients. Calculation experience the new methodology of cloud computing which perhaps keeps the world and can set up all the human necessities. At the end of the day, cloud computing is the ensuing normal step in the development of on-request data innovation administrations and items. The Cloud is an allegory for the Internet and is an idea for the secured confused foundation; it likewise relies upon drawing network graphs on a computer. In this work, thorough investigations of distributed computing security and protection concerns are given. The work distinguishes both the identified and unidentified attacks, vulnerabilities in the cloud, security attacks and also the solutions to control these threats and attacks. Moreover, the restrictions of the present solutions and offers various perceptions of security viewpoints are distinguished and explored. At long last, a cloud security system is given in which the different lines of protection and the reliance levels among them are identified.
A h k clustering algorithm for high dimensional data using ensemble learningijitcs
Advances made to the traditional clustering algorithms solves the various problems such as curse of
dimensionality and sparsity of data for multiple attributes. The traditional H-K clustering algorithm can
solve the randomness and apriority of the initial centers of K-means clustering algorithm. But when we
apply it to high dimensional data it causes the dimensional disaster problem due to high computational
complexity. All the advanced clustering algorithms like subspace and ensemble clustering algorithms
improve the performance for clustering high dimension dataset from different aspects in different extent.
Still these algorithms will improve the performance form a single perspective. The objective of the
proposed model is to improve the performance of traditional H-K clustering and overcome the limitations
such as high computational complexity and poor accuracy for high dimensional data by combining the
three different approaches of clustering algorithm as subspace clustering algorithm and ensemble
clustering algorithm with H-K clustering algorithm.
MOBILE TELEVISION: UNDERSTANDING THE TECHNOLOGY AND OPPORTUNITIES15ijitcs01ijitcs
Television have converged the technologies of movies and radio and now being converged with mobile phones. Mobile TV is the result of the convergence between mobile devices and television. Mobile TV is a key device and service that enrich civilization with applications, vast market and great investment. Mobile TV is an important subject that has a potential impact on leading edge technologies for promising future. In
the time being Mobile TV is still in its early stages and has many potential; therefore some applications
such as mobile advertising and learning are discussed in this paper. When it comes to advertising, Mobile TV presents a new opportunity different from the traditional TV advertisements producing an interactive type of advertisements, enabling user engagement. While in the case of mobile learning, mobile devices open up new chances for absorbing knowledge and most recent information without forgetting the practical experience aspect.
A LOW COST EEG BASED BCI PROSTHETIC USING MOTOR IMAGERY ijitcs
Brain Computer Interfaces (BCI) provide the opportunity to control external devices using the brain
ElectroEncephaloGram (EEG) signals. In this paper we propose two software framework in order to
control a 5 degree of freedom robotic and prosthetic hand. Results are presented where an Emotiv
Cognitive Suite (i.e. the 1st framework) combined with an embedded software system (i.e. an open source
Arduino board) is able to control the hand through character input associated with the taught actions of
the suite. This system provides evidence of the feasibility of brain signals being a viable approach to
controlling the chosen prosthetic. Results are then presented in the second framework. This latter one
allowed for the training and classification of EEG signals for motor imagery tasks. When analysing the
system, clear visual representations of the performance and accuracy are presented in the results using a
confusion matrix, accuracy measurement and a feedback bar signifying signal strength. Experiments with
various acquisition datasets were carried out and with a critical evaluation of the results given. Finally
depending on the classification of the brain signal a Python script outputs the driving command to the
Arduino to control the prosthetic. The proposed architecture performs overall good results for the design
and implementation of economically convenient BCI and prosthesis.
MULTILINGUAL SPEECH IDENTIFICATION USING ARTIFICIAL NEURAL NETWORKijitcs
Speech technology is an emerging technology and automatic speech recognition has made advances in recent years. Many researches has been performed for many foreign and regional languages. But at present the multilingual speech processing technology has been attracting for research purpose. This paper tries to propose a methodology for developing a bilingual speech identification system for Assamese and English language based on artificial neural network.
3-D WAVELET CODEC (COMPRESSION/DECOMPRESSION) FOR 3-D MEDICAL IMAGESijitcs
Compression is an important part in image processing in order to save memory space and reduce the
bandwidth while transmitting. The main purpose of this paper is to analyse the performance of 3-D wavelet
encoders using 3-D medical images. Four wavelet transforms, namely, Daubechies 4,Daubechies
6,Cohen-Daubechies-Feauveau 9/7 and Cohen Daubechies-Feauveau5/3 are used in the first stage with
encoders such as 3-D SPIHT,3-D SPECK and 3-D BISK used in the second stage for the compression.
Experiments are performed using medical test image such as magnetic resonance images (MRI) and X-ray
angiograms (XA). The XA and MR image slices are grouped into 4, 8 and 16 slices and the wavelet
transforms and encoding schemes are applied to identify the best wavelet encoder combination. The
performances of the proposed scheme are evaluated in terms of peak signal to noise ratio and bit rate.
This paper proposes Natural language based Discourse Analysis method used for extracting
information from the news article of different domain. The Discourse analysis used the Rhetorical Structure
theory which is used to find coherent group of text which are most prominent for extracting information
from text. RST theory used the Nucleus- Satellite concept for finding most prominent text from the text
document. After Discourse analysis the text analysis has been done for extracting domain related object
and relates this object. For extracting the information knowledge based system has been used which
consist of domain dictionary .The domain dictionary has a bag of words for domain. The system is
evaluated according gold-of-art analysis and human decision for extracted information.
ZALP is the first recruitment tool that intelligently uses social media with a single point focus of improving an organization’s employee referral program.
ZALP is a specialized saas( software as a service) based social recruitment tool that exhaustively exploits the potential of social media with a focussed approach towards reducing the cost per hire and time to fill by unleashing the true potential of an organization’s employee referral program.
EFFECTS OF HUMAN FACTOR ON THE SUCCESS OF INFORMATION TECHNOLOGY OUTSOURCINGijitcs
Information technology outsourcing is one of the factors affecting the improvement of flexibility and
dynamics of enterprises in the competitive environment. Also, the study of the factors affecting its success
has been always considered by business owners and the area of research. Professional experiences and
research results consider that the success of IT (Information technology) outsourcing projects relates to the
effective knowledge transfer and human factors. The human factors are influenced by the cultural and
environmental context of the inside and outside of the organization. Hence, it is necessary to study the
effectiveness of these variables in different cultural environments. This study investigates the effect of
human factors including the customer motivation and vendor willingness on the success of IT outsourcing
projects. For this purpose, the research hypotheses were developed and analyzed by the structural equation
method. The result of a field study among 94 companies and organizations show the difference of the
findings of this study with earlier findings in other countries. Based on the findings, the client motivation
doesn’t affect the knowledge transfer but the vendor willingness affects the customer motivation to
knowledge transfer. This result can help the business owners to take appropriate approaches for achieving
success in IT outsourcing projects.
RESEARCH REVIEW FOR POSSIBLE RELATION BETWEEN MOBILE PHONE REDIATION AND BRAI...ijitcs
The aim of this paper is to introduce a research review for the effect of Mobile phone radiation on human
health and the possible relation between Mobile phone radiation and brain tumor. Mobile phones become
increasingly prevalent throughout our society. In the year 2016, it was estimated that there were 4 billion
cellular phone users worldwide; the number is growing by one million every month in the US. The goal of
this paper is to give a brief overview and also discuss the biological effects of the exposure to mobile
phones radiation. Many effects have been reported with the use of mobile phones on human organisms due
to the exposure to electromagnetic radiation. Concerns about the links between using the mobile phones
and biological effects, in particular, the brain tumors have been under research. As the other radio signals
transmition devices, cellular phone emits radiofrequency energy, which can heat the brain tissues and
cause damage to the brain cells. But even mobile phones operates at power level below the level at which
such heating effects occur, long term exposure to low level RF from mobile phones could cause other types
of health effects, such as brain cancer, due to energy absorption in the brain tissues. Some human
biological experiments, such as Aly et al. 2014, Aly, et al. 2008 indicates, the average time for the human
cells to respond to the effect of RF radiation was approximately 2.5 min, Hardell et al.2002, and Repacholi
et al.1997 indicated increased risk with exposure to mobile phones radiation. The British Association
festival of science was told recently that using a mobile telephone mor
ZALP is the first recruitment tool that intelligently uses social media with a single point focus of improving an organization’s employee referral program.
ZALP is a specialized saas( software as a service) based social recruitment tool that exhaustively exploits the potential of social media with a focussed approach towards reducing the cost per hire and time to fill by unleashing the true potential of an organization’s employee referral program.
ASSESSING THE ORGANIZATIONAL READINESS FOR IMPLEMENTING KNOWLEDGE MANAGEMENT ...ijitcs
The growing importance of business analytics and its increasing influence on the competitive advantage of
organizations leads to the necessity of knowledge management systems, which complex and needs
organizational readiness that has been the subject of earlier research. This study aims to examine whether
the affective factors on the assessment of the readiness for implementation of the knowledge management
system in all organizations are identical. Hence, first by a comprehensive study of literature, readiness
factors of the knowledge management system implementation including six factors of organizational
culture, individuals, information technology infrastructure, knowledge process, senior management
commitment, and strategy were extracted and have been tested in three different organizations of IT
services, educational and commerce. Based on the founding, different factors affect various organizations
and using a general model should not be advised.
CRITICAL SUCCESS FACTORS FOR M-COMMERCE IN SAUDI ARABIA’S PRIVATE SECTOR: A M...ijitcs
Many developing country firms are investing huge money in the sector of mobile commerce (m-commerce).
Simplifying and understanding the factors which can impact on m-commerce success enables the
organisations’ managers to focus their efforts on the key areas of their m-commerce businesses, thereby
contributing to the successful implementation of m-commerce. This study provides a clear understanding of
m-commerce in the private sector in the Kingdom of Saudi Arabia and identifies the critical success factors
of implementing m-commerce within the local business environment. A case study approach will be used
for five Saudi companies, which use m-commerce, represented by: Alrajhi Bank, Souq.com, Saudi
Electricity Company, Saudi telecom company (STC), and Saudi Airlines. This study represents a research
in progress and interviews based on the literature to identify the key success factors for these companies in
particular and in Saudi Arabia’s private sector in general.
PROPOSAL OF AN HYBRID METHODOLOGY FOR ONTOLOGY DEVELOPMENT BY EXTENDING THE P...ijitcs
W3C’s Semantic Web intents a common framework that allows data to be shared and reused across
application and enterprise. The semantic web and its related technologies are the main directions of
future web development where machine-processable information which supports user tasks. Ontologies are
playing the vital role in Semantic Web. Researches on Ontology engineering had pointed out that an effective
ontology application development methodology with integrated tool support is mandatory for its success. .
Potential benefits are there to ontology engineering in making the toolset of Model Driven Architecture
applicable to ontology modeling. Since Software and Ontology engineering are two complimentary
branches, the scope of extension of the well proven methodologies and UML based modeling approaches
used in software engineering to ontology engineering can bridge the gap between the engineering branches.
This research paper is an attempt to suggest an exclusive hybrid methodology for ontology development from
existing matured software engineering. Philosophical and engineering aspects of the newly derived
methodology have been described clearly An attempt has been made for the application of proposed
methodology with protégé editor. The full-fledged implementation of an domain ontology and its validation
is the future research direction.
Zalp webinar-Raising your employee referral program results to 50% of all hiresSavio Vadakkan
This interactive webinar was led by Dr. John Sullivan, arguably the world’s leading proponent of employer referrals programs (ERP). In this webinar, he highlighted the best practices that have proven to be effective in making referral programs the dominant corporate recruiting source.
The webinar was sponsored by ZALP in association with ere.net.
ZALP is the perfect employee referral software for every organization looking to tap the unexplored potential of their referral program while at the same time exploiting the potent potential of social media in recruitment.
Request a demo today. Visit www.zalp.com or mail us at info@zalp.com
In cloud computing IT (Information Technology) related resources like infrastructure, platform and software can be utilized using web based tools and application through internet. Here Organizations are moving to the cloud computing some faster than others. However, moving to the cloud presents the organization with a number of risks to assess. Information security is the most critical risk for many organizations. This is because the intellectual property, trade secrets, personally identifiable information,
or other sensitive information can be powered by protecting information. This paper classified cloud
security based on the three service models of cloud computing SaaS, PaaS and IaaS. Attributes for each
type of security has also identified and briefly described here. We compared securities provided in different
services by world's best known cloud service providing companies such as Amazon AWS, Google App Engine, Windows Azure etc. considering cloud security category. Furthermore, we included recommendations for organizations who have decided to move their data into the cloud, but confused to choose the best service provider for their organization regarding information security.
ANALYSIS OF MANUFACTURING OF VOLTAGE RESTORE TO INCREASE DENSITY OF ELEMENTS ...ijoejournal
We introduce an approach for increasing density of voltage restore elements. The approach based on
manufacturing of a heterostructure, which consist of a substrate and an epitaxial layer with special configuration.
Several required sections of the layer should be doped by diffusion or ion implantation. After
that dopants and/or radiation defects should be annealed.
It auditing to assure a secure cloud computingingenioustech
Dear Students
Ingenious techno Solution offers an expertise guidance on you Final Year IEEE & Non- IEEE Projects on the following domain
JAVA
.NET
EMBEDDED SYSTEMS
ROBOTICS
MECHANICAL
MATLAB etc
For further details contact us:
enquiry@ingenioustech.in
044-42046028 or 8428302179.
Ingenious Techno Solution
#241/85, 4th floor
Rangarajapuram main road,
Kodambakkam (Power House)
http://www.ingenioustech.in/
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Zac Darcy
Cloud computing is an emerging model of service provision that has the advantage of minimizing costs
through sharing and storage of resources combined with a demand provisioning mechanism relying on
pay-per-use business model. Cloud computing features direct impact on information technology (IT)
budgeting but pose detrimental impacts on privacy and security mechanisms especially where sensitive
data is to be held offshore by third parties. Even though cloud computing environment promises new
benefits to organizations, it also presents its fair share of potential risks. It is considered as a double edge
sword considering the privacy and security standpoints. However, despite its potential to offer a low cost
security, customer organizations may increase the risks by storing their sensitive information in the cloud.
Therefore, this study focuses on privacy and security issues that pose a challenge in maintaining a level of
assurance that is sufficient enough to sustain confidence in potential users.
In this study, survey questions were sent to different non-profit and government organizations, which
assisted in collecting fundamental information. The data was acquired by conducting surveys in OpenStack
Company to identify the critical vulnerabilities in the cloud computing platform in order to provide the
recommended solutions.
So, analysis will be made on how the cloud’s characteristics such as the nature of the architecture,
attractiveness, as well as, vulnerability are tightly related to privacy and security issues. Privacy and
security are complex issues for which there is no standard and the relationship between them is necessarily
complicated. The study also highlight on the inherent challenge to data privacy because it typically results
in data to be presented in an encryption from the data owner. Thus, the study aimed at obtaining a common
goal to provide a comprehensive review of the existing security and privacy issues in cloud environments,
and identify and describe the most representative of the security and privacy attributes and present a
relationship among them.
Finally, in order to ensure that the standard measure of validity is achieved, validity test was conducted in
order to ensure that the study is free from errors. Various recommendations were provided. The study also
explored various areas that require future directions for each attribute, which comprise of multi-domain
policy integration and a secure service composition to design a comprehensive policy-based management
framework in the cloud environments.
Lastly, the recommendations will provide the potential for security and privacy approaches that can be
implemented to improve the cloud computing environment to ensure that a level of trust is achieved
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...Zac Darcy
Cloud computing is an emerging model of service provision that has the advantage of minimizing costs
through sharing and storage of resources combined with a demand provisioning mechanism relying on
pay-per-use business model. Cloud computing features direct impact on information technology (IT)
budgeting but pose detrimental impacts on privacy and security mechanisms especially where sensitive
data is to be held offshore by third parties. Even though cloud computing environment promises new
benefits to organizations, it also presents its fair share of potential risks. It is considered as a double edge
sword considering the privacy and security standpoints. However, despite its potential to offer a low cost
security, customer organizations may increase the risks by storing their sensitive information in the cloud.
Therefore, this study focuses on privacy and security issues that pose a challenge in maintaining a level of
assurance that is sufficient enough to sustain confidence in potential users.
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGijsptm
In the digital world using technology and new technologies require safe and reliable environment, and it also requires consideration to all the challenges that technology faces with them and address these challenges. Cloud computing is also one of the new technologies in the IT world in this rule there is no exception. According to studies one of the major challenges of this technology is the security and safety required for providing services and build trust in consumers to transfer their data into the cloud. In this paper we attempt to review and highlight security challenges, particularly the security of data storage in a cloud environment. Also, provides some offers to enhance the security of data storage in the cloud
computing systems that by using these opinions can be overcome somewhat on the problems.
Cloud Computing a leading and getting widely adopted technology in industry, unveils some unprecedented challenges to security of company’s resources such as capital and knowledge based assets. Hither to no much attention has been paid by the governments and there is neither any universal standard adopted, nor any breakthrough to take up these challenges. Traditional contracts and licensing agreements may not provide adequate legal resources and remedies normally associated with the layers of protection for corporations. Intellectual Property, Foreign Direct Investments (FDI) and corporate governance issues have to be fully explored and practiced in domestic and international markets. So this paper discusses the need of establishment of Law and judicial framework of policies to the services embedding cloud computing technology, besides this it also addresses legal issues and existing policies adopted by different countries.
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...csandit
Cloud computing promises good opportunities for economies around the world, as it can help reduce capital expenditure and administration costs, and improve resource utilization. However there are challenges regarding the adoption of cloud computing, key amongst those are security and privacy, reliability and liability, access and usage restriction. Some of these challenges lead to a need for cloud computing policy so that they can be addressed. The purpose of this paper is
twofold. First is to discuss challenges that prompt a need for cloud computing policy. Secondly, is to look at South African ICT policies and regulatory laws in relation to the emergence of cloud computing. Since this is literature review paper, the data was collected mainly through literature reviews. The findings reveals that indeed cloud computing raises policy challenges that needs to be addressed by policy makers. A lack of policy that addresses cloud computing challenges can
negatively have an impact on areas such as security and privacy, competition, intellectual property and liability, consumer protection, cross border and juridical challenges.
Review of Business Information Systems – Fourth Quarter 2013 V.docxmichael591
Review of Business Information Systems – Fourth Quarter 2013 Volume 17, Number 4
2013 The Clute Institute Copyright by author(s) Creative Commons License CC-BY 159
Dimensions Of Security Threats In Cloud
Computing: A Case Study
Mathew Nicho, University of Dubai, UAE
Mahmoud Hendy, University of Dubai, UAE
ABSTRACT
Even though cloud computing, as a model, is not new, organizations are increasingly
implementing it because of its large-scale computation and data storage, flexible scalability,
relative reliability, and cost economy of services. However, despite its rapid adoption in some
sectors and domains, it is evident from research and statistics, that security-related threats are the
most noticeable barrier to its widespread adoption. To investigate the reasons behind these
threats, the authors used available literature to identify and aggregate information about IS
security threats in cloud computing. Based on this information, the authors explored the
dimensions of the nature of threat by interviewing a cloud computing practitioner in an
organization that uses both the private and public cloud deployment models. From these findings,
the authors found that IS security threats in cloud computing must be defined at different levels;
namely, at the business and technical level, as well as from a generic and cloud-specific threat
perspective. Based on their findings, the authors developed the Cloud Computing Threat Matrix
(CCTM) which provides a two-dimensional definition of threat that enables cloud users to fully
comprehend the concerns so that they can make relevant decisions while availing cloud computing
services.
Keywords: Cloud Computing; Security; Cloud Security Issues Taxonomy; Threat Matrix
INTRODUCTION
ecause a cloud is a collection of inter-connected and virtualized computers (Buyya et al., 2008), the
main enabling technology for cloud computing is virtualization. The basic concept of cloud is based
on the premise that instead of having selected information systems (IS) resources, such as software
and data stored locally on a user’s or organization’s computer systems, these resources can be stored on Internet
servers, called “clouds,” and accessed anytime, anywhere as a paid service on the Internet. Cloud computing has the
potential to bring significant benefits to small- and medium-sized businesses by reducing the costs of investment in
information communication technology (ICT) infrastructure because it enables the use of services, such as
computation, software, data access, and storage by end-users, without the need to know the physical location and
configuration of the system that delivers the services (Mujinga & Chipangura, 2011). However, it has been stated
that organizations adopt cloud computing projects and systems cautiously while maximizing benefits and
minimizing risks (Lawler, Joseph, & Howell-Barber, 2012). Cloud computing is expected to play .
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Student Number: Sxxxxxxx
Email:
Assignment 3
Due Date: 2 May 2014
Lecturer:
Course Coordinator:
Executive Summary
Cloud computing promises a transformation in the provision of IT services to businesses and other organisations. Along with many advantages to the business that include easy scalability and ubiquitous access to resources, there are many risks that a business must consider before deploying a cloud solution. These risks include a loss of control over service restoration in case of failure and possible security risks due to attack via the Internet. To mitigate against those risks businesses need to have well-written contracts, develop strict and easily understood polices to ensure the appropriate storage of information and have multi-factor authentication to access sensitive information via the Internet.
This report considers the situation of GlobDev, who are an Aid and Development organisation headquartered in Melbourne with staff in many developing countries. Using recent research, the report analyses the advantages and disadvantages of Cloud Computing, associated security risks and mitigation, and examines using cloud services to enable secure mobile computing. The report proposes a possible path to the transformation in the delivery of IT services in GlobDev through the migration to cloud based services. The report supports the use of cloud computing through mobile devices provided to field staff. The engagement in technology through social media applications and mobile technology should improve donor engagement and expand GlobDev’s opportunity for growth by increasing its supporter base.
Table of Contents
1.0 Introduction 4
1.1 Organisational Context 4
1.2 Objective and Methodology 4
1.3 Report Outline 5
2.0 Definitions of Cloud Computing 5
3.0 Advantages and Issues with Cloud Computing 6
3.1 Advantages of Cloud Computing 6
3.2 Issues with Cloud Computing 7
4.0 Security Risks in Cloud Computing 7
5.0 Opportunities for growth through Cloud Services 9
6.0 Conclusions 9
7.0 Recommendations 11
8.0 Reference list 13
1.0
Introduction
1.1 Organisational Context
Cloud computing is an increasingly popular method for delivery of software services and storing data. GlobDev is a not for profit large organisation, headquartered in Melbourne, that runs aid and development programs in underdeveloped nations. The projects are organised by people from developed nations including Australians who are part of this organisations staff. National staff in each country are also employed by the organisation. There are currently 2150 people employed in Projects across 38 nations with a further 50 people employed in administration in 10 donor countries plus a further 70 staff in the head office in Melbourne. Projects and administration costs are funded through personal and corporate donations along with contributions from the foreign aid budgets of some G-20 major economies. The company has a central server located in the Melbourne H.
Cloud computing has changed the entire process that distributed computing used to present e.g. Grid
computing, server client computing. Cloud computing describes recent developments in many existing IT
technologies and separates application and information resources from the underlying infrastructure.
Cloud computing security is an important aspect of quality of service from cloud service providers.
Security concerns arise as soon as one begins to run applications beyond the designated firewall and move
closer towards the public domain. In violation of security in any component in the cloud can be disaster for
the organization (the customer) as well as for the provider. In this paper, we propose a cloud security
model and security framework that identifies security challenges in cloud computing.
ADVANCES IN HIGHER EDUCATIONAL RESOURCE SHARING AND CLOUD SERVICES FOR KSAIJCSES Journal
Cloud represents an important change in the way information technology is used. Cloud makes it possible
to access work anywhere anytime and to share it with anyone [1]. It is changing the way people
communicate, work and learn [2]. In this changing environment, it is important to think about the
opportunities and risks of using the cloud in the education field, and the lessons we can learn from the
previous uses of this technology in the education field. In order to gain the benefits of the cloud to be used
in educational system in KSA, a comprehensive study on scientific literatures in this paper. This paper also
presents the significant information such as the findings, the case studies, related frameworks and
supporting also the tools associated to the migration of organizational resources to cloud
A study secure multi authentication based data classification model in cloud ...IJAAS Team
Abstract: Cloud computing is the most popular term among enterprises and news. The concepts come true because of fast internet bandwidth and advanced cooperation technology. Resources on the cloud can be accessed through internet without self built infrastructure. Cloud computing is effectively managing the security in the cloud applications. Data classification is a machine learning technique used to predict the class of the unclassified data. Data mining uses different tools to know the unknown, valid patterns and relationshipsin the dataset. These tools are mathematical algorithms, statistical models and Machine Learning (ML) algorithms. In this paper author uses improved Bayesian technique to classify the data and encrypt the sensitive data using hybrid stagnography. The encrypted and non encrypted sensitive data is sent to cloud environment and evaluate the parameters with different encryption algorithms.
Comparison of data security in grid and cloud computingeSAT Journals
Abstract In the current era, Grid computing and cloud computing are the main fields in the research work. This thesis define which are the main security issues to be considered in cloud computing and grid computing, and how some of these security issues are solved. Comparative study shows the grid security is tighter than the cloud. It also shows cloud computing is less secure and faced security problems. This research work is based on main security problems in cloud computing such as authentication, authorization, access control and security infrastructure (SLA). Cloud infrastructure is based on service level agreement; simply cloud providers provide different services to cloud’s users and organizations with an agreement known SLA. So the security and privacy of user’s data is the main problem, because unauthorized person can’t access the data of cloud user. Hacking and data leakage are the common threats in cloud computing. As the security due to hackers increase over internet and the cloud computing is totally on internet. At this time, cloud computing demand the tight password protection and strong authentication and authorization procedure. For an increased level of security, privacy and password protection, we provide a new strong authentication model named “Two factor authentications using graphical password with pass point scheme”. This authentication model includes the login procedure, access control that is based on service level agreement (SLA) in cloud computing. Index Terms: Cloud computing, Authentication, login, Recognition, Recall, Pass point, security, Cloud Provider, Service level Agreement, Two Factor Authentication
Similar to ADMINISTRATION SECURITY ISSUES IN CLOUD COMPUTING (20)
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
ADMINISTRATION SECURITY ISSUES IN CLOUD COMPUTING
1. International Journal of Information Technology Convergence and Services (IJITCS) Vol.3, No.4, August 2013
DOI:10.5121/ijitcs.2013.3401 1
ADMINISTRATION SECURITY ISSUES IN CLOUD
COMPUTING
Hamoud Alshammari1
and Christian Bach2
1
Department of Computer Science and Engineering, University of Bridgeport,
Bridgeport, Connecticut, USA
halshamm@bridgeport.edu
2
Department of Computer Science and Engineering, University of Bridgeport,
Bridgeport, Connecticut, USA
cbach@bridgeport.edu
ABSTRACT
This paper discover the most administration security issues in Cloud Computing in term of
trustworthy and gives the reader a big visualization of the concept of the Service Level Agreement in Cloud
Computing and it’s some security issues. Finding a model that mostly guarantee that the data be saved
secure within setting for factors which are data location, duration of keeping the data in cloud
environment, trust between customer and provider, and procedure of formulating the SLA.
KEYWORDS
Cloud Computing, SLA, Service Level Agreement, Trust, Security
1. Introduction
Although new technologies are always emerging to back up the security of the nation,
these technologies are also possible roots of the problems that security faces. Having high-tech
equipment will indeed counter possible technological threats to security [1]. Cybercrimes in the
web community are a major threat that affects a national context. To defend homeland security in
the cyber world, it is important to learn how to cope with it. According to Homeland Security
News Wire [2], “fighting cybercrime around the world requires strong legal structures to enable
prosecutions; a trained corps of investigators to respond to crimes; and the ability to cooperate
internationally.”[3].
Security risks are naturally related to all integration technologies. In a time when the
Internet is a household commodity, there are certainly new possible threats to securities[4].
Technologies that threaten to bring destruction to security must be countered by technologies as
well. The Internet is being viewed as a security endemic, which corporate risks both real and
technological. One issue that allows cybercrimes to occur is the weakness in security of the cloud
computing security[5,6].
Actually, cloud computing plays an important roles between the new computing concepts
and information policies[7]. Cloud computing raises many issues regarding privacy, anonymity,
liability, security, and government surveillance and so on, so the existed laws are not really
applicable to these new ideas[8]. Because of these weaknesses in the concept of could computing,
some information polices that have been developed and improved by the users like creation
implementation, and using the technologies, that the law catches up of these activities [9].
2. International Journal of Information Technology Convergence and Services (IJITCS) Vol.3, No.4, August 2013
2
2. What is the cloud computing?
Cloud computing is defined by the National Institute of Standards and Technology [10]
as “a model for enabling convenient, on-demand network access to a shared pool of configurable
computing resources (e.g., networks, servers, storage, applications, and services) that can be
rapidly provisioned and released with minimal management effort or service provider
interaction.” Cloud Computing gives a developed paradigm in terms of on-demand (provisioning)
of computing infrastructure. That paradigm converts the location of the physical infrastructure to
the network to cut off some costs that are associated with the management of software and
hardware resources[11].
Cloud is drawing the attention from the Information and Communication Technology
(ICT) community, thanks to the appearance of a set of services with common characteristics,
provided by important industry players. However, some of the existing technologies the cloud
concept draws upon (such as virtualization, utility computing, or distributed computing) are not
new[8].
Figure 1. Some of Cloud computing prosperities
Figure.1 [12] shows some concepts that are related to the definition of Cloud Computing.
However, other concepts are defined in Could Computing environment like DÉJÀ VU, which
means to get more benefits from the predication and expectations. Also, the virtual monitoring of
the processes in Cloud Computing (VM) which gives the availability of distributing the data
among vary servers in the Cloud Computing environment to make the access to the resource more
easy and fast [13].
3. Using of cloud computing
Seeking more ability to use information widely and reduce the cost of this usage,
organizations started using the technology of cloud computing. Some research studies described
the cloud as a technology for which one pays per use, which means that the user will pay for the
exact tools that he or she uses [14]. Cloud computing gives an ability to pay as using of the
computing resources on short-term period of time for example, processing a request for an hour
or storage for a day. Also, it releases them when needed or when they are no more useful [2].
3. International Journal of Information Technology Convergence and Services (IJITCS) Vol.3, No.4, August 2013
3
Different application could be used via Cloud Computing to meet some security
requirements or other requirements like the I-Voting application system. This system provides
two of most important conditions of any voting systems which are time of data collection and
security of the results [15]. Another using of Cloud Computing is in learning purposes as
electronic learning (E-Learning) which is very helpful to save time and cost [16].
4. Service Level Agreement [SLA]
A third party concept could be used in cloud computing to monitor the data or the whole
system that comes in between of the provider and customer. However, there might be some users
that there are not comfort with the third party because of the ability to use their information [9]. In
this case, the provider and the third party might create the same threat to the client's data.
Usually, the third party works with the service provider and client to control and save the
datacenter. In cloud computing, the Private Virtual Infrastructure (PVI) model has been suggested
to distribute the responsibility of control and save the datacenter between providers and
clients[18]. In this model, users have security over their information in the cloud, and providers
would have security over the fabric of the server.
Many enterprises said they were not using the cloud because these services are less
secure. But the reality may be the opposite. The hosting companies expanding into the cloud told
us that security is one of their core competencies, so it is more a necessary evil for most
enterprises. As Greg Papadopoulos, Sun’s CTO, put it, “Over time, people will start to view an
external service provider as more compliant than internal. They are disinterested third party. Their
job is to hold your data but it involves you and me to collude. As a third party provider I would
have no motive to muck with your data”[19].
Service level agreement [SLA] between client and provider is critical to defining the roles
and responsibilities of all parties involved in using and providing cloud services. The SLA should
explicitly call out what security services the provider guarantees and what the client is responsible
for providing. As shown in (fig. 2) [20] which explores the methodology of having assured SLA
via following some steps that provide the duties and rights that either provider or customer has.
Start with defining the service level, designing the service, placing the service, capacity planning,
optimizing the resources, and managing and operating the service. The feedback still needed to
update the service and the operations.
4. International Journal of Information Technology Convergence and Services (IJITCS) Vol.3, No.4, August 2013
4
Figure.2 Service Level Agreement Methodology
Web Service Level Agreement (WSLA) framework was developed for SLA monitoring
and enforcement in SOA[3]. In the Cloud Computing environment, the monitoring and
enforcement tasks are delegated to a third party to solve the problem. However, the third party
could use the data illegally or could modify it. On the other hand, one of the weaknesses of using
the third party idea is the absence of trust between the provider and the third party or the client
and the third party.
5. Research Method
Exploring the concept of Cloud Computing and some of its security issues is done by a
complete literature review and answering some of questions that has a direct relationship with the
research topic. Despite of the fact that the Cloud Computing is one of the hottest topics these days
because there is no fully agreement between the vendors and the customers around the world
[19].
The Qualitative research methodology is one of the popular methodologies that the
researchers follow in many fields like social studies, Human and governments behaviours. The
object of this kind of researches is to gather data and analyse it based on the research questions,
and then the researcher can present the results and conclusion [21]. The main goal of the
Qualitative descriptive studies is to summarize the whole events and data in the terms of the
events. Usually researchers stay close to the data meaning that they have got from the words and
events [22].
In Qualitative research method, the data is categorized into different forms to report the
results and organize them. “Qualitative researchers typically rely on the following methods for
gathering information: Participant Observation, Non-participant Observation, Field Notes,
Reflexive Journals, Structured Interview, Semi-structured Interview, Unstructured Interview, and
Analysis of documents and materials”[23]. Mainly, to observe data from its main sources, the
survey methodology is followed in that case. However, the qualitative method could play the
same role and give some sort of exact result if it followed by researchers. The main benefits of the
following the second method is to reduce the cost whereas the survey method is more efficient in
5. International Journal of Information Technology Convergence and Services (IJITCS) Vol.3, No.4, August 2013
5
the terms of the cost. Easley gathering information in the qualitative method might be preferred
from the researchers for that reason [24].
5.1. Where is the location of the data in the cloud? Is it legal to transfer the data to
another data center in another country?
The service providers usually don’t place the location of the application. Most of them
don’t have geographic coverage [17]. For example, Amazon EC2 doesn’t provide the users the
exact location of the application neither they couldn’t ask for providing the location of these
applications. However, some governments’ agencies require knowing where the exact location
and ask to keep them between the country’s borders based on some regulations on these
countries[19].
When one uses the cloud, one probably will not know exactly where his or her data are
hosted. In fact, he or she might not even know what country it will be stored in. Customers must
ask providers if they will commit to storing and processing data in specific jurisdictions, and
whether they will make a contractual commitment to obey local privacy requirements on behalf
of their customer [25]. Also, this question leads us to the think about the requirements that the
customers have to obey when they want to keep their data away from the providers.
Cloud computing process does not distinguish between government and business
information, so the cloud process deals with government data just as it deals with business data.
Consequently, the data might be inside the country's borders or outside it. Thus, the data could
face different threats of being stolen or used for illegal activities.
5.2. How long is the information retain in cloud environment? Who can control the
policy of administration the data in the cloud?
Even if a customers usually don’t know where their data are, the service provider should
explain them what would happen to the services and the data in case of a disaster[25]. Replicating
data and application infrastructure is very important because any offering doesn’t apply that
replicating across multiple sites is usually vulnerable to some failures. When the service provider
go broke the company or the database, the customer must be sure that the data remains available
during these changes.
It is important that the data in the cloud environment continue to exist for a period of time
that the provider and the customer have agreed about. Consequently, we will examine the Service
Level Agreement [SLA] wherein the provider and the customer state their conditions [18]. The
SLA is where governments as customers can establish their conditions to make their situations
stronger. For example, the government can set conditions about the people who can reach the
information and modify it, the time when information should exist or not, and the place where the
information should be stored. However, the provider might be one of the weakest points in the
SLA.
5.3. Could data be copied by cloud service provider (CSP)? Can the data be
destroyed, or can he make the data inaccessible? Is the CSP keep the data for his
special usage?
Some issues in cloud computing, such cloud security and data privacy might be in
concern because of the absence of the cloud computing standards because each cloud provider
takes a different approach and offers different services [26]. Therefore, the provider is the only
6. International Journal of Information Technology Convergence and Services (IJITCS) Vol.3, No.4, August 2013
6
one that really has the ability to reach the information and modify it without getting permission.
The client cannot control the provider’s access to the information.
The only way the client can control his or her information is through the SLA between
him or herself and the provider. On the other hand, the third party solution might solve some
problems, but not all of them. The third party is someone who works as a broker between the
client and the provider to make the information more secure from illegal use [27]. In general,
there is no secure procedure the organization or the government can follow to make information
secure in the cloud environment, so the data cloud faces these kind of unsecure behaviours like
being destroyed rather than secured or being kept longer than necessary and so on.
5.4. Cloud makes huge changes in IT
IT systems in Cloud Computing have been enabled to be more scalable and elastic, so the
end users don’t need to determine their requirement of computing resources in advance.
Consequently, they request their requirement on demand provisionally [28].
To use Cloud Computing services, the governments don’t need to own the infrastructure
to serve millions of people. However, using cloud computing is not favoured by government
agencies because of some security issues [29].
5.5. Cloud Computing can improve IT in public sector
Some government agencies accepted the cloud computing in some of their applications to
gather some benefits. NASA Nebula gives the researchers ability to access the IT services for
small period of time. Without this help, the researchers would take months to procure and
configure the IT resources and significant management to control and monitor the systems[29].
Cloud Computing can improve the scalability and elasticity in the IT applications and
resources in pubic sectors. By using of cloud computing on-demand facility, the public sectors
don’t need to determine their needs in advance [30].
5.6. Resources being in higher-value activities by efficiency improvement
“Approximately thirty cents of every dollar invested in federal IT was spent on data
center infrastructure. Unfortunately, only a fraction of this investment delivers real, measurable
impact for American citizens. By using the Cloud Computing model for IT services, we can
reduce our data center infrastructure expenditure by approximately 30% (which contributes to the
estimated $20 billion of IT spending that could be migrated to cloud computing solutions)”[2].
The software applications and end-user support systems will improve the efficiency in
systems that use Cloud Computing. The capacity and investments in agency missions could be
increased using these savings, including citizen-facing services; which are those services in
governments that directed to the public, and inventing and deploying new innovations [28].
Cloud computing allows IT organizations to be simplified, since they don’t have to
maintain complex, mixed technology applications anymore. The focusing on the work will be
moved from the technology itself to the mission of the government agency [31].
7. International Journal of Information Technology Convergence and Services (IJITCS) Vol.3, No.4, August 2013
7
5.7. Duplication of information will be reduced by demand aggregation
Moving of data, application, and infrastructure into the cloud environment can be
improved and helped by using of cloud computing by focusing on the issues that associated with
federal organization and funding by increase the efforts on the IT services as utility [32].
However, the aggregation might cause more cost in terms of static and dynamic aggregation
methods. “The dynamic aggregation scheme results in 8% to 40% savings over the static
aggregation scheme when the degree of aggregation is high”[33].
Management and cost of procurement usually effected by IT services, similar to the
current model that is used for utility services and buildings [2]. Data and systems cloud have
more flexible environment by using cloud computing. So, by using appropriate standards, many
organizations and systems might go to use common services and platforms [34].
6. Model: Secure Data Agreement in Cloud Computing
This model has been developed to formulate the main factors of having secure data
agreement in cloud computing, so we will discuss the main four factors:
6.1. Location of the data/services
Usually, services providers don’t explain the geographical location of the servers. So,
many customers don’t trust these services from that provider. Consequently, different users or
agencies might ask the provider to locate their data in boarder of the country or in specific
location that they trust to avoid the hacking or loosing the data [2, 35].
SLA helps to manage this factor by state the conditions that the provider and the
consumer must follow and the penalties that they might get in case of breaking these conditions.
So, the location should be explained to the customer if he asks to know that, otherwise the SLA
won’t help with that [36].
Data Location and Relocation help to reduce some costs in communications or in storage
resources in the Internet, based on a study that [37] have done, the results show that importance of
Routing Problems and Data Location in the Cloud in case the provider provides the service in
efficient manner. So, based on some factors of locations, the services could be costly or not [36].
However, some users might ask for knowing the location because he should be aware about the
exact location as what we proposed before.
6.2. The period of time that the data is still available in Cloud
One of main factors that the consumer of Cloud Computing should know is the how long
of time that his data be available in cloud. In the other words, when and how has the ability to
delete or move the data from the servers. Some of providers/consumers believe that because of
less cost of storage the data in cloud, there is no need to move or delete it. In contrary, some of
the data owner wants to manage the data by themselves whereas the owner of the servers might
believe in the opposite way [38].
Also, SLA could help to manage this factor. In general, the consumer has the rights to
manage the data via the third party, so managing the period of time or moving and deleting the
data is one of the consumers job. However, the trust is playing a main role here. For example, if
the consumer asks to delete some data, which can guarantee that, this data is being deleted?
8. International Journal of Information Technology Convergence and Services (IJITCS) Vol.3, No.4, August 2013
8
The [39] Provides essential characteristics that help to determine the availability of data
in cloud environment, which are on-demand self services, broad network access, resource
pooling, rapid elasticity and measured service.
6.3. Trust between services provider and consumer
You can find the concept of Trust is presented where you read about security between
two different involved people. In addition, in Cloud Computing the concept of Trust is stated in
the SLA between the provider and the consumer. Consumer and provider should follow the key
factor of the agreement, which is the trust [9]. Online relationship is one of the most dangerous
relationships between people, so during many activities between the provider and consumer the
trust grows exponentially. Creating trust and security is one of the most important factors for the
success of cloud computing. Cloud computing are facing a lot of challenges when the trust is
absent. So, there is no general form of Trust evaluation models for cloud computing environment
[40].
The main Idea of cloud computing that the user can use and operate the services in cloud
environment directly which provided by the providers. So, the impact and destruction for
resources in cloud computing is worse than the current real Internet environment which also
shares the recourses. Therefore, whether or not the behaviour of the cloud users are trusted, the
question still exist which is how can evaluate the user behaviour in trustworthy point of view. So,
still the process of evaluating the trust of the users has not general template to be followed, so the
trust still under practical evaluation process [41].
6.4. Service Level Agreement [SLA]
Users mainly using the main two operations in cloud computing which are upstream and
downstream operations in on-demand model, so they can discuss and negotiate some terms and
factors to manage some issues as license agreement, using of data, scalability and fundamental
breaches [26].
In cloud computing environment, verifying security happens by leading every service to
be able to report security facilities in present and verify it. So, these ability means the client needs
to have the authority to configure and set the fabric [42]. Although the client is the data owner,
sometimes it is not a good idea to give him or her the ability to modify the data or to monitor it
because sometime the clients might be lazy about keeping the information secure.
The [42] Proposed a new Reputation System to address the challenging of the process of
evaluate the reliability of providers or resources. Also, they proposed a SLA template pool to
drive the negotiation between the customers and providers more equitable, convenient and
transparent.
7. Importance of Cloud Computing
In cloud computing, there are uncertainties between the policies in public and the
capacity in technical demand in terms of developing and provisioning of cloud computing
services. The technical solutions could not be adequate or compatible with some policies in some
cases, like providing so much security that cloud be guaranteed by providers as a kind of results
of data collection processes in some agencies [9, 43].
9. International Journal of Information Technology Convergence and Services (IJITCS) Vol.3, No.4, August 2013
9
Developing the cloud environment depends on different factors, as the time that the basic
technology completed, the time that the different technologies like computers and
telecommunications industries accept the standards, the amount of costing the effects and many
different others [7, 43]. Each of these factors can be influenced by government policy.
Governments can control the growing of the cloud computing by many ways. Some of them just
like and development in the Internet based application system.
7.1. The progress would be influenced by some factors [7]:
Giving ability to the researchers around the world to access cloud computing services to
make science research easier and international;
Offering an adequate level of security and privacy for the information that is already in the
cloud.
Making access to the cloud easier and affordable for people like researchers and
developers.
In general, for governments to operate their operations on cloud infrastructure is more
reliable and kind of secure and less costly, than operate the operations and managing hundreds of
different systems in traditional network [44]. Also, Cloud Computing support the governments
and users to not be locked or stuck with a specific providers or vendors.
8. CONCLUSIONS
Different issues that have been showed over by cloud computing are similar to the issues
that the governments have been stuck with form years like privacy, trustworthy, data protection
and accessibility. So, to address these issues could cost the cloud as twice as the cost of
addressing them in the normal Internet ways because of difficulty and importance.
Because of the Cloud Computing is a many to many applications and medium, it is not
that easy to determine the responsible for some issues and the location or the time. Also,
government policies should be flexible to meet the quick changes in cloud and technology. The
main point of solution to get more secure Cloud Computing environment is to have a strong
Service Level Agreement or any trust third party that can control the processing over Could
Computing. Data location, the period of time that the data must be exist in cloud, trust between
provider and customer, and the designing of service level agreement SLA are the main factors
that we discussed in this work.
ACKNOWLEDGEMENTS
This work is performed as a requirement from the Department of Technology
Management in University of Bridgeport with all thanks to the department of Computer Sciences
and Engineering.
REFERENCES
[1] Regan, P.M., Old issues, new context: Privacy, information collection, and homeland security.
Government Information Quarterly, 2004. 21(4): p. 481-497.
[2] Armburst, F., Griffith, Joseph, Katz and Knowinski, A View of Cloud Computing. Communications
of the ACM, 2010.
[3] Dawoud, W., Ibrahim Takouna, and Christoph Meinel, Infrastructure as a Service Security:
10. International Journal of Information Technology Convergence and Services (IJITCS) Vol.3, No.4, August 2013
10
Challenges and Solutions. Postdam, Germany: Hasso Platter Institute, 2010.
[4] Gerber, B.J., et al., On the Front Line American Cities and the Challenge of Homeland Security
Preparedness. Urban Affairs Review, 2005. 41(2): p. 182-210.
[5] Paquette, J.a.W., Identifying the security risks associated with governmental use of cloud computing.
Government Information Quarterly 2010.
[6] Braman, S., Change of State: Information, Policy, and Power. RECIIS. Elect. J. Commun. Inf. Innov.
Health. Rio de Janeiro, 2007.
[7] Nelson, M.R., The Cloud, the Crowd, and Public Policy. ISSUES IN SCIENCE AND
TECHNOLOGY, 2009.
[8] Vaquerol, L.M., A Break in the Clouds: Towards a Cloud Definition. ACM SIGCOMM Computer
Communication Review, 2009.
[9] Jaeger, L.a.G., Cloud Computing and Information Policy: Computing in a Policy Cloud? . Journal of
Information Technology and Politics 2009.
[10] Wise, C.R. and R. Nader, Organizing the federal system for homeland security: Problems, issues, and
dilemmas. Public Administration Review, 2002. 62: p. 44-57.
[11] Brian, H., et al., Cloud computing. Communications of the ACM, 2008. 51(7): p. 9-11.
[12 ]Concepts, T.T.M., Cloud ERP Software Company in Los Angeles.
http://abouttmc.com/microsoftdynamicsgp-netsuite-vs-microsoftdynamicsnav/netsuite/what-is-cloud-
computing/, 2012.
[13] Chen, Y., V. Paxson, and R.H. Katz, What’s new about cloud computing security? University of
California, Berkeley Report No. UCB/EECS-2010-5 January, 2010. 20(2010): p. 2010-5.
[14] Xu, W., W. Beizhan, and H. Jing. Cloud computing and its key techniques. in Computer Science and
Automation Engineering (CSAE), 2011 IEEE International Conference on. 2011.
[15] Ramesh, S. and V. MuraliBhaskaran. Internet voting using cloud computing. in Sustainable Energy
and Intelligent Systems (SEISCON 2011), International Conference on. 2011.
[16] Kalagiakos, P. and P. Karampelas. Cloud Computing learning. in Application of Information and
Communication Technologies (AICT), 2011 5th International Conference on. 2011.
[17] Islam, S.S., et al. Cloud computing for future generation of computing technology. in Cyber
Technology in Automation, Control, and Intelligent Systems (CYBER), 2012 IEEE International
Conference on. 2012.
[18] Morin, J., J. Aubert, and B. Gateau. Towards Cloud Computing SLA Risk Management: Issues and
Challenges. in System Science (HICSS), 2012 45th Hawaii International Conference on. 2012.
[19] J., S., Is Cloud Computing Ready for the Enterprise. for Infrastructure & Operations Professionals,
2008.
[20] CISCO, Cloud Service Assurance for Virtualized Multi-Services Data Center 2.2. CISCO.
[21] Franklin, M.I., Understanding Research: Coping with the Quantitative-Qualitative Divide.
London/New York. Routledge, 2012.
[22]Sandelowski, M., Focus on Research Methods-Whatever Happened to Qualitative Description?
Research in nursing and health, 2000. 23(4): p. 334-340.
[23] Marshall, C., & Rossman, G. B. , Designing qualitative research. Sage Publications, Incorporated.,
2010.
[24] Creswell, J.W., Research design: Qualitative, quantitative, and mixed methods approaches2008:
SAGE Publications, Incorporated.
[25] Popović, K., Cloud Computing Security Issues and Challenges. MIPRO magazine, Croatia, 2010.
[26] Kerr, J. and K. Teng. Cloud computing: legal and privacy issues. in Proceedings of the Academy of
Business Disciplines Conference. 2010.
[27] Takabi, H., J.B. Joshi, and G.-J. Ahn, Security and privacy challenges in cloud computing
environments. Security & Privacy, IEEE, 2010. 8(6): p. 24-31.
[28] Kundra, V., Federal Cloud Computing Strategy. The White House Library, 2011.
[29] Wyld, D.C., Moving to the cloud: An introduction to cloud computing in government2009: IBM
Center for the Business of Government.
[30] Reza, M. Framework on large public sector implementation of cloud computing. in Cloud Computing
and Social Networking (ICCCSN), 2012 International Conference on. 2012.
[31] Jun-jie, W. and M. Sen. Security issues and countermeasures in cloud computing. in Grey Systems
and Intelligent Services (GSIS), 2011 IEEE International Conference on. 2011.
[32] Hummen, R., et al. A Cloud design for user-controlled storage and processing of sensor data. in Cloud
Computing Technology and Science (CloudCom), 2012 IEEE 4th International Conference on. 2012.
11. International Journal of Information Technology Convergence and Services (IJITCS) Vol.3, No.4, August 2013
11
[33] Haiyang, Q., L. Fu, and D. Medhi. On energy-aware aggregation of dynamic temporal demand in
cloud computing. in Communication Systems and Networks (COMSNETS), 2012 Fourth
International Conference on. 2012.
[34] Kaufman, L.M., Data Security in the World of Cloud Computing. Security & Privacy, IEEE, 2009.
7(4): p. 61-64.
[35] Leavitt, N., Is cloud computing really ready for prime time. Growth, 2009. 27(5).
[36] Zaigham, M. Data Location and Security Issues in Cloud Computing. in Emerging Intelligent Data
and Web Technologies (EIDWT), 2011 International Conference on. 2011.
[37] Larumbe, F. and B. Sans. Optimal Location of Data Centers and Software Components in Cloud
Computing Network Design. in Proceedings of the 2012 12th IEEE/ACM International Symposium
on Cluster, Cloud and Grid Computing (ccgrid 2012). 2012. IEEE Computer Society.
[38] Townsend, M. Managing a security program in a cloud computing environment. in 2009 Information
Security Curriculum Development Conference. 2009. ACM.
[39] Mell, P. and T. Grance, The NIST definition of cloud computing (draft). NIST special publication,
2011. 800: p. 145.
[40] Qiang, G., et al. Modeling and evaluation of trust in cloud computing environments. in Advanced
Computer Control (ICACC), 2011 3rd International Conference on. 2011.
[41] Li-qin, T., L. Chuang, and N. Yang. Evaluation of user behavior trust in cloud computing. in
Computer Application and System Modeling (ICCASM), 2010 International Conference on. 2010.
[42] MinChao, W., et al. A Conceptual Platform of SLA in Cloud Computing. in Dependable, Autonomic
and Secure Computing (DASC), 2011 IEEE Ninth International Conference on. 2011.
[43] Buyya, R., R. Ranjan, and R.N. Calheiros. Modeling and simulation of scalable Cloud computing
environments and the CloudSim toolkit: Challenges and opportunities. in High Performance
Computing & Simulation, 2009. HPCS '09. International Conference on. 2009.
[44] Gibson, J., et al. Benefits and challenges of three cloud computing service models. in Computational
Aspects of Social Networks (CASoN), 2012 Fourth International Conference on. 2012.