The document discusses the challenges of cloud forensics. Some key challenges discussed are:
1) Physical inaccessibility of digital evidence stored in the cloud makes evidence collection difficult as investigators do not have direct access to cloud servers.
2) Dynamic IP addresses in the cloud make it challenging to map IP addresses for search warrants as locations cannot be precisely tracked.
3) Volatile cloud data can be lost if storage instances are shutdown, as data only exists in memory and lacks persistence. This poses issues for forensic investigation.
The document also examines limitations of current forensic tools for cloud environments and issues of trust when relying on cloud providers' employees to collect forensic data. Overall, the challenges discussed center around the lack
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionIJERA Editor
Cloud Computing is a heavily evolving domain in technology. Many public and private entities are shifting their workstations on the cloud due to its robust, remote, virtual environment. Due to the enormity of this domain, it has become increasingly easier to carry out any sort of malicious attacks on such cloud platforms. There is a very low research done to develop the theory and practice of cloud forensics. One of the main challenges includes the inability to collect enough evidence from each and every subscriber of a Cloud Service Provider(CSP) and thus not being able to trace out the roots of the malicious activity committed. In this paper we compare past research done in this field and address the gaps and loopholes in the frameworks previously suggested. Overcoming these, our system/framework facilitates the collection, organization, and thereby the analysis of the evidence sought, hence preserving the essential integrity of the sensitive and volatile data.
Cloud Computing Security Issues and ChallengesCSCJournals
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Comparison of data security in grid and cloud computingeSAT Journals
Abstract In the current era, Grid computing and cloud computing are the main fields in the research work. This thesis define which are the main security issues to be considered in cloud computing and grid computing, and how some of these security issues are solved. Comparative study shows the grid security is tighter than the cloud. It also shows cloud computing is less secure and faced security problems. This research work is based on main security problems in cloud computing such as authentication, authorization, access control and security infrastructure (SLA). Cloud infrastructure is based on service level agreement; simply cloud providers provide different services to cloud’s users and organizations with an agreement known SLA. So the security and privacy of user’s data is the main problem, because unauthorized person can’t access the data of cloud user. Hacking and data leakage are the common threats in cloud computing. As the security due to hackers increase over internet and the cloud computing is totally on internet. At this time, cloud computing demand the tight password protection and strong authentication and authorization procedure. For an increased level of security, privacy and password protection, we provide a new strong authentication model named “Two factor authentications using graphical password with pass point scheme”. This authentication model includes the login procedure, access control that is based on service level agreement (SLA) in cloud computing. Index Terms: Cloud computing, Authentication, login, Recognition, Recall, Pass point, security, Cloud Provider, Service level Agreement, Two Factor Authentication
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionIJERA Editor
Cloud Computing is a heavily evolving domain in technology. Many public and private entities are shifting their workstations on the cloud due to its robust, remote, virtual environment. Due to the enormity of this domain, it has become increasingly easier to carry out any sort of malicious attacks on such cloud platforms. There is a very low research done to develop the theory and practice of cloud forensics. One of the main challenges includes the inability to collect enough evidence from each and every subscriber of a Cloud Service Provider(CSP) and thus not being able to trace out the roots of the malicious activity committed. In this paper we compare past research done in this field and address the gaps and loopholes in the frameworks previously suggested. Overcoming these, our system/framework facilitates the collection, organization, and thereby the analysis of the evidence sought, hence preserving the essential integrity of the sensitive and volatile data.
Cloud Computing Security Issues and ChallengesCSCJournals
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Comparison of data security in grid and cloud computingeSAT Journals
Abstract In the current era, Grid computing and cloud computing are the main fields in the research work. This thesis define which are the main security issues to be considered in cloud computing and grid computing, and how some of these security issues are solved. Comparative study shows the grid security is tighter than the cloud. It also shows cloud computing is less secure and faced security problems. This research work is based on main security problems in cloud computing such as authentication, authorization, access control and security infrastructure (SLA). Cloud infrastructure is based on service level agreement; simply cloud providers provide different services to cloud’s users and organizations with an agreement known SLA. So the security and privacy of user’s data is the main problem, because unauthorized person can’t access the data of cloud user. Hacking and data leakage are the common threats in cloud computing. As the security due to hackers increase over internet and the cloud computing is totally on internet. At this time, cloud computing demand the tight password protection and strong authentication and authorization procedure. For an increased level of security, privacy and password protection, we provide a new strong authentication model named “Two factor authentications using graphical password with pass point scheme”. This authentication model includes the login procedure, access control that is based on service level agreement (SLA) in cloud computing. Index Terms: Cloud computing, Authentication, login, Recognition, Recall, Pass point, security, Cloud Provider, Service level Agreement, Two Factor Authentication
A proposed Solution: Data Availability and Error Correction in Cloud ComputingCSCJournals
Cloud Computing is the hottest technology in the market these days, used to make storage of huge amounts of data and information easier for organizations. Maintaining servers to store all the information is quite expensive for individual and organizations. Cloud computing allows to store and maintain data on remote servers that are managed by Cloud Service Providers (CSP) like Yahoo and Google. This data can then be accessed through out the globe. But as more and more information of individuals and companies is placed in the cloud, concerns are beginning to grow about just how safe an environment it is. In this paper we discussed security issues and requirements in the Cloud and possible solutions of some the problems. We develop an architecture model for cloud computing to solve the data availability and error correction problem.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
This research analysis will go over the various encryption methods and summarize the previous research in encryption that has been done to this point. The advantages of Symmetric and Asymmetric Encryption will be discussed in terms of security and efficiency. As encryption becomes more advanced, so the need for proper key management increases as well. This paper will conclude with a look at what could be the future of cloud encryption, Homomorphic Encryption.
Study on Secure Cryptographic Techniques in Cloudijtsrd
Cloud Computing is turning into an increasing number of popular day by day. If the safety parameters are taken care properly many organizations and authorities corporations will flow into cloud technology.one usage of cloud computing is statistics storage. Cloud affords considerable capability of garage for cloud users. It is more reliable and flexible to users to shop and retrieve their facts at whenever and everywhere. It is an increasingly more growing technology. Mariam Fatima | M Ganeshan | Saif Ulla Shariff "Study on Secure Cryptographic Techniques in Cloud" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-4 , June 2021, URL: https://www.ijtsrd.compapers/ijtsrd42363.pdf Paper URL: https://www.ijtsrd.comcomputer-science/computer-network/42363/study-on-secure-cryptographic-techniques-in-cloud/mariam-fatima
International Journal of Engineering Research and DevelopmentIJERD Editor
Electrical, Electronics and Computer Engineering,
Information Engineering and Technology,
Mechanical, Industrial and Manufacturing Engineering,
Automation and Mechatronics Engineering,
Material and Chemical Engineering,
Civil and Architecture Engineering,
Biotechnology and Bio Engineering,
Environmental Engineering,
Petroleum and Mining Engineering,
Marine and Agriculture engineering,
Aerospace Engineering.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
The Riisk and Challllenges off Clloud ComputtiingIJERA Editor
Cloud computing is a computing technology aiming to share storage, computation, and services transparently
among a massive users. Current cloud computing systems pose serious limitation to protecting the confidentiality
of user data. Since the data share and stored is presented in unencrypted forms to remote machines owned and
operated by third party service providers despite it sensitivity (example contact address, mails), the risks of
disclosing user confidential data by service providers may be quite high and the risk of attacking cloud storage
by third party is also increasing. The purpose of this study is to review researches done on this technology,
identify the security risk and explore some techniques for protecting users‟ data from attackers in the cloud.
An efficient and secure data storage in cloud computing using modified RSA pu...IJECEIAES
Cloud Computing is the ability to improve the utility or train new human resources without investing in new infrastructure, or add capabilities to existence without the latest software licensing. It expanded the capabilities of Information Technology (IT). From the past few years, cloud computing has developed from a good business concept in the best rising sectors of the IT industry. But more information on individuals and companies was put in the cloud, and concerns began to think about how secure the cloud environment was. Despite cloud surrounding structures, enterprise users still do not want to expand their business in the cloud. Security reduces the growth of cloud computing and continues to spread the market with complexity with data privacy and data protection. The security of cloud computing has constantly been an significant aspect of improved quality of service from cloud service providers. Data storage in the cloud has a problem related to data security. However, cloud computing construct many new security challenges which have not been well examine. In order to ensure that the user's data in the cloud is secure, we have proposed an effective mechanism with a distinctive feature of data integrity and privacy. This paper focusing on problems relating to the cloud data storage techniques and security in virtual environment. We recommend a method for providing data storage and security in cloud using public key Cryptosystem, which uses the concept of the modified RSA algorithm to provide better security for the data stored in the cloud.
Aes based secured framework for cloud databasesIJARIIT
A Cloud database management system is a distributed database that delivers computing as a service (Caas) instead of
a product. Improving confidentiality of information stored in a cloud database .It is a very important contribution to the cloud
database. Data encryption is the optimum solution for achieving confidentiality. In some normal methods, encrypt the whole
database through some standard encryption algorithm that does not allow in SQL database operations directly on the cloud. This
formal solution affected by workload and cost would make the cloud database service inconvenient. I propose a novel
architecture for adaptive encryption of public cloud database. Adaptive encryption allows any SQL operation over encrypted
data. The novel cloud database architecture that uses adaptive encryption technique with no intermediate servers. This scheme
provides cloud provider with the best level of confidentiality for any database workload. I can determine the encryption and
adaptive encryption cost of data confidentiality from the research point of view. Index Terms Adaptive encryption Technique, AES (Advanced encryption Standard), Metadata.
Cloud computing is the technology which enables obtaining resources like so services,
software, hardware over the internet. With cloud storage users can store their data remotely and
enjoy on-demand services and application from the configurable resources. The cloud data storage
has many benefits over local data storage. Users should be able to just use the cloud storage as if it is
local, without worrying about the need to verify its integrity. The problem is that ensuring data
security and integrity of data of user. Sohere, I am going to have public audit ability for cloud storage
that users can resort to a third-party auditor (TPA) to check the integrity of data. This paper gives the
various issues related to privacy while storing the user’s data to the cloud storage during the TPA
auditing. Without appropriate security and privacy solutions designed for clouds this computing
paradigm could become a big failure. I am a giving privacy-preserving public auditing using ring
signature process for secure cloud storage system. This paper is going to analyze various techniques
to solve these issues and to provide the privacy and security to the data in cloud
The Opportunity of Using Wind to Generate Power as a Renewable Energy:"Case o...IJERA Editor
The demand ofsustainable energy is increased daily by expanding our cities and creating new cities and suburbswith huge towers besides increasing in population,moreover the environment and human life is threatening by the pollutions resulted from energy generation. For this reason the researchersattracted todevelop renewable energy and explore its large benefits and unit capacity. Wind power is one of the clean renewable energy resources.Therefore the importance of implementing this resource in Kuwait draws our attention to make this research to emphasis on the technical and economic aspects due to acceptable environmental conditions. Whereas, in some areas of the world, such as in Japan, has some geographical and electrical restrictions such as power fluctuating for land wind generation. And the introductionof large amount of wind power generation tends to be extremely difficult and even impossible in some location. This research is aimed to concentrate on the visibility of utilizing the wind energy as complementary source for the existing steam and gas turbine power stations in Kuwait, furthermore point out the economical perspectives that will guide us to take the right decision. The location of wind farms is very important in this aspect where we cannot build such projects inside the cities between buildings besides meeting the minimum requirements for economic generation. The study prove to us that even at a location which is almost close to the inhabitants buildings ( Kuwait airport ) can get accepted results the historical data was collected from the weather station at internet. The implementation of wind turbine farms is foreseen to be economic in generation for long run and encouragestepping up toward putting the infrastructure design. Furthermoreit is an opportunity for creating new job vacancies.
Permeability Evaluation in Pilaspi (M. Eocene - U. Eocene) FormationIJERA Editor
Studying the permeability in a particular formation will be our address in this paper, through collection of a set of data in relates to the past real core analyses by the oil operators and correlating them to our lab works on the samples of the same formation from Pilaspi formation (M.EOCENE - U.EOCENE) outcrop on Haibat Sultan Mountain near Taq Taq oil Field. Lab works were done in Koya University using most of reservoir lab equipments for getting and determining the most important properties like porosity and permeability on plug samples of that formation. The key study in this paper is oil well TT-02 in Taq Taq oil field. In this paper we will try to nominate and recognize the more active porosity type through measuring air and liquid permeability in our reservoir lab and show the effects of increasing flowing pressure on the permeability using saturated and dry core plug. Water and air were used as flowing fluids and two methods were used to measure the permeability; steady-state method, measures the permeability of a saturated Core plug under constant flow rate conditions and air permeability with (N2) for dry core plug.
A proposed Solution: Data Availability and Error Correction in Cloud ComputingCSCJournals
Cloud Computing is the hottest technology in the market these days, used to make storage of huge amounts of data and information easier for organizations. Maintaining servers to store all the information is quite expensive for individual and organizations. Cloud computing allows to store and maintain data on remote servers that are managed by Cloud Service Providers (CSP) like Yahoo and Google. This data can then be accessed through out the globe. But as more and more information of individuals and companies is placed in the cloud, concerns are beginning to grow about just how safe an environment it is. In this paper we discussed security issues and requirements in the Cloud and possible solutions of some the problems. We develop an architecture model for cloud computing to solve the data availability and error correction problem.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
This research analysis will go over the various encryption methods and summarize the previous research in encryption that has been done to this point. The advantages of Symmetric and Asymmetric Encryption will be discussed in terms of security and efficiency. As encryption becomes more advanced, so the need for proper key management increases as well. This paper will conclude with a look at what could be the future of cloud encryption, Homomorphic Encryption.
Study on Secure Cryptographic Techniques in Cloudijtsrd
Cloud Computing is turning into an increasing number of popular day by day. If the safety parameters are taken care properly many organizations and authorities corporations will flow into cloud technology.one usage of cloud computing is statistics storage. Cloud affords considerable capability of garage for cloud users. It is more reliable and flexible to users to shop and retrieve their facts at whenever and everywhere. It is an increasingly more growing technology. Mariam Fatima | M Ganeshan | Saif Ulla Shariff "Study on Secure Cryptographic Techniques in Cloud" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-4 , June 2021, URL: https://www.ijtsrd.compapers/ijtsrd42363.pdf Paper URL: https://www.ijtsrd.comcomputer-science/computer-network/42363/study-on-secure-cryptographic-techniques-in-cloud/mariam-fatima
International Journal of Engineering Research and DevelopmentIJERD Editor
Electrical, Electronics and Computer Engineering,
Information Engineering and Technology,
Mechanical, Industrial and Manufacturing Engineering,
Automation and Mechatronics Engineering,
Material and Chemical Engineering,
Civil and Architecture Engineering,
Biotechnology and Bio Engineering,
Environmental Engineering,
Petroleum and Mining Engineering,
Marine and Agriculture engineering,
Aerospace Engineering.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
The Riisk and Challllenges off Clloud ComputtiingIJERA Editor
Cloud computing is a computing technology aiming to share storage, computation, and services transparently
among a massive users. Current cloud computing systems pose serious limitation to protecting the confidentiality
of user data. Since the data share and stored is presented in unencrypted forms to remote machines owned and
operated by third party service providers despite it sensitivity (example contact address, mails), the risks of
disclosing user confidential data by service providers may be quite high and the risk of attacking cloud storage
by third party is also increasing. The purpose of this study is to review researches done on this technology,
identify the security risk and explore some techniques for protecting users‟ data from attackers in the cloud.
An efficient and secure data storage in cloud computing using modified RSA pu...IJECEIAES
Cloud Computing is the ability to improve the utility or train new human resources without investing in new infrastructure, or add capabilities to existence without the latest software licensing. It expanded the capabilities of Information Technology (IT). From the past few years, cloud computing has developed from a good business concept in the best rising sectors of the IT industry. But more information on individuals and companies was put in the cloud, and concerns began to think about how secure the cloud environment was. Despite cloud surrounding structures, enterprise users still do not want to expand their business in the cloud. Security reduces the growth of cloud computing and continues to spread the market with complexity with data privacy and data protection. The security of cloud computing has constantly been an significant aspect of improved quality of service from cloud service providers. Data storage in the cloud has a problem related to data security. However, cloud computing construct many new security challenges which have not been well examine. In order to ensure that the user's data in the cloud is secure, we have proposed an effective mechanism with a distinctive feature of data integrity and privacy. This paper focusing on problems relating to the cloud data storage techniques and security in virtual environment. We recommend a method for providing data storage and security in cloud using public key Cryptosystem, which uses the concept of the modified RSA algorithm to provide better security for the data stored in the cloud.
Aes based secured framework for cloud databasesIJARIIT
A Cloud database management system is a distributed database that delivers computing as a service (Caas) instead of
a product. Improving confidentiality of information stored in a cloud database .It is a very important contribution to the cloud
database. Data encryption is the optimum solution for achieving confidentiality. In some normal methods, encrypt the whole
database through some standard encryption algorithm that does not allow in SQL database operations directly on the cloud. This
formal solution affected by workload and cost would make the cloud database service inconvenient. I propose a novel
architecture for adaptive encryption of public cloud database. Adaptive encryption allows any SQL operation over encrypted
data. The novel cloud database architecture that uses adaptive encryption technique with no intermediate servers. This scheme
provides cloud provider with the best level of confidentiality for any database workload. I can determine the encryption and
adaptive encryption cost of data confidentiality from the research point of view. Index Terms Adaptive encryption Technique, AES (Advanced encryption Standard), Metadata.
Cloud computing is the technology which enables obtaining resources like so services,
software, hardware over the internet. With cloud storage users can store their data remotely and
enjoy on-demand services and application from the configurable resources. The cloud data storage
has many benefits over local data storage. Users should be able to just use the cloud storage as if it is
local, without worrying about the need to verify its integrity. The problem is that ensuring data
security and integrity of data of user. Sohere, I am going to have public audit ability for cloud storage
that users can resort to a third-party auditor (TPA) to check the integrity of data. This paper gives the
various issues related to privacy while storing the user’s data to the cloud storage during the TPA
auditing. Without appropriate security and privacy solutions designed for clouds this computing
paradigm could become a big failure. I am a giving privacy-preserving public auditing using ring
signature process for secure cloud storage system. This paper is going to analyze various techniques
to solve these issues and to provide the privacy and security to the data in cloud
The Opportunity of Using Wind to Generate Power as a Renewable Energy:"Case o...IJERA Editor
The demand ofsustainable energy is increased daily by expanding our cities and creating new cities and suburbswith huge towers besides increasing in population,moreover the environment and human life is threatening by the pollutions resulted from energy generation. For this reason the researchersattracted todevelop renewable energy and explore its large benefits and unit capacity. Wind power is one of the clean renewable energy resources.Therefore the importance of implementing this resource in Kuwait draws our attention to make this research to emphasis on the technical and economic aspects due to acceptable environmental conditions. Whereas, in some areas of the world, such as in Japan, has some geographical and electrical restrictions such as power fluctuating for land wind generation. And the introductionof large amount of wind power generation tends to be extremely difficult and even impossible in some location. This research is aimed to concentrate on the visibility of utilizing the wind energy as complementary source for the existing steam and gas turbine power stations in Kuwait, furthermore point out the economical perspectives that will guide us to take the right decision. The location of wind farms is very important in this aspect where we cannot build such projects inside the cities between buildings besides meeting the minimum requirements for economic generation. The study prove to us that even at a location which is almost close to the inhabitants buildings ( Kuwait airport ) can get accepted results the historical data was collected from the weather station at internet. The implementation of wind turbine farms is foreseen to be economic in generation for long run and encouragestepping up toward putting the infrastructure design. Furthermoreit is an opportunity for creating new job vacancies.
Permeability Evaluation in Pilaspi (M. Eocene - U. Eocene) FormationIJERA Editor
Studying the permeability in a particular formation will be our address in this paper, through collection of a set of data in relates to the past real core analyses by the oil operators and correlating them to our lab works on the samples of the same formation from Pilaspi formation (M.EOCENE - U.EOCENE) outcrop on Haibat Sultan Mountain near Taq Taq oil Field. Lab works were done in Koya University using most of reservoir lab equipments for getting and determining the most important properties like porosity and permeability on plug samples of that formation. The key study in this paper is oil well TT-02 in Taq Taq oil field. In this paper we will try to nominate and recognize the more active porosity type through measuring air and liquid permeability in our reservoir lab and show the effects of increasing flowing pressure on the permeability using saturated and dry core plug. Water and air were used as flowing fluids and two methods were used to measure the permeability; steady-state method, measures the permeability of a saturated Core plug under constant flow rate conditions and air permeability with (N2) for dry core plug.
A Review: Welding Of Dissimilar Metal Alloys by Laser Beam Welding & Friction...IJERA Editor
Welding of dissimilar metals has attracted attention of the researchers worldwide, owing to its many advantages and challenges. There is no denial in the fact that dissimilar welded joints offer more flexibility in the design and production of the commercial and industrial components. Many welding techniques have been analyzed to join dissimilar metal combinations. The objective of this paper is to review two such techniques – Laser welding and Friction stir welding. Laser beam welding, a high power density and low energy-input process, employs a laser beam to produce welds of dissimilar materials. Friction stir welding, a solid-state joining process, is also successfully used in dissimilar welding applications like aerospace and ship building industries. This paper summarizes the trends and advances of these two welding processes in the field of dissimilar welding. Future aspects of the study are also discussed.
A Study of A Method To Provide Minimized Bandwidth Consumption Using Regenera...IJERA Editor
Cloud storage systems to protect data from corruptions, redundant data to tolerate failures of storage and lost data should be repaired when storage fails. Regenerating codes provide fault tolerance by striping data across multiple servers, while using less repair traffic than traditional erasure codes during failure recovery. In previous research implemented practical Data Integrity Protection (DIP) scheme for regenerating-coding based cloud storage. Functional Minimum-Storage Regenerating (FMSR) codes and it construct FMSR-DIP codes, which allow clients to remotely verify the integrity of random subsets of long-term archival data under a multi server setting. The problem is to optimize bandwidth consumption when repairing multiple failures. The cooperative repair of multiple failures can help to further save bandwidth consumption when multiple failures are being repaired.
A report on Groundwater quality studies in Malwa region of Punjab, MUKTSARIJERA Editor
Punjab is the most cultivated state in India with the highest consumption of fertilizers. Muktsar district is one of them. Economy of the district is based on the Agriculture crops and 80% population of the district is engaged in Agriculture. Sri Muktsar Sahib is situated in the cotton belt of Punjab. Paddy, Wheat, Sugarcane, Oilseeds, Pulses and vegetables are also cultivated in this area. This paper highlights the analysis of groundwater quality parameters and compares its suitability for irrigation and drinking purpose. Water samples were collected from hand-pumps at different depth in October 2010. . Water samples were analysed for almost all major cations, anions, dissolved heavy metals and turbidity. parameters like total hardness, EC, magnesium ratio, were calculated on the basis of chemical data. A questionnaire was also used to investigate perception of villagers on taste and odour. The heavy metals studied in industrial area of Muktsar were Mercury, arsenic and lead. Comparison of the concentration of the chemical constituents with WHO (world health organization) drinking water standards of 2004 , ICMR limits and various classifications show that present status of groundwater in Muktsar is not suitable for drinking. Higher totalhardness (TH) and total dissolved solids at numerous places indicate the unsuitability of groundwater for drinking and irrigation. Results obtained in this forms baseline data for the utility of groundwater. No clear correlation between the quality parameters studied here and perceived quality in terms of satisfactory taste response were obtained at electrical conductivity values higher than the threshold minimum acceptable value.
Adsorptive Removal Of Dye From Industrial Dye Effluents Using Low-Cost Adsorb...IJERA Editor
Industrial, agricultural, and domestic activities of humans have affected the environmental system, resulting in drastic problems such as global warming and the generation of wastewater containing high concentration of pollutants. As water of good quality is a precious commodity and available in limited amounts, it has become highly imperative to treat wastewater for removal of pollutants. In addition, the rapid modernization of society has also led to the generation of huge amount of materials of little value that have no fruitful use. Such materials are generally considered as waste, and their disposal is a problem. The utilization of all such materials as low-cost adsorbents for the treatment of wastewater may make them of some value. An effort has been made to give a brief idea about the low-cost alternative adsorbents with a view to utilizing these waste/low-cost materials in the treatment of wastewater.
Analysis of Seismic Performance of Rock Block Structures with STAAD ProIJERA Editor
From olden days until now in our construction filed unreinforced masonry blocks of rocks is used as foundation and super structure wall as load bearing structure. In which blocks are stacked, sometimes being mortared with various cements. Ancient civilizations used locally available rocks and cements to construct rock block columns, walls and edifices for residences, temples, fortifications and infrastructure. Monuments still exist as testaments to the high quality construction by historic cultures, despite the seismic and other potentially damaging geo-mechanical disturbances that threaten them. Conceptual failure modes under seismic conditions of rock block structures, observed in the field or the laboratory, are presented. Our proposed work is analytically is carried out with rock block of 1m by 1m with 200 mm rock block under seismic loading to find out the damaged caused by the Mw 6.7 and 6.0 earthquakes on that block subject to dynamic load. Finally graphical output has generated and suggested for safe construction with more seismic load on rock blocks.
Dynamic Simulation of Chemical Kinetics in MicrocontrollerIJERA Editor
Arduino boards are interesting computational tools due to low cost and power consumption, as well as I/O ports, both analogs and digitals. Yet, small memory and clock frequency with truncation errors may disrupt numerical processing. This study aimed to design and evaluate the performance of a dynamic simulation based on ODEs in the Arduino, with three evaluated microprocessors; ATMEGA 328P and 2560, both 8 bits, and SAM3X8E Atmel ARM CORTEX – 32 bits. The study case was a batch reactor dynamic simulation. The Runge-Kutta 4th order algorithm was written in C++ and compiled for EPROM utilization. The output was a 115000bit/s serial connection. Processing time was almost identical for 8 bits architectures, while 32 bits was 25% faster. Without the serial connection the 8 bits architectures were 16 times faster and the 32 bits was 42 times faster. Error truncation was similar, since the floating points are done through software. The Arduino platform, despite its modest hardware, allows simple chemical systems simulation.
Green Roofs and Green Building Rating SystemsIJERA Editor
The environmental benefits for green building from the Leadership in Energy and Environment Design (LEED)
and Ecology, Energy, Waste, and Health (EEWH) rating systems have been extensively investigated; however,
the effect of green roofs on the credit-earning mechanisms is relatively unexplored. This study is concerned with
the environmental benefits of green roofs with respect to sustainability, stormwater control, energy savings, and
water resources. We focused on the relationship between green coverage and the credits of the rating systems,
evaluated the credits efficiency, and performed cost analysis. As an example, we used a university building in
Keelung, Northern Taiwan. The findings suggest that with EEWH, the proposed green coverage is 50–75%,
whereas with LEED, the proposed green coverage is 100%. These findings have implications for the application
of green roofs in green building.
in September 2014, the Buffalo History Museum unveiled its first exhibit of Hispanic history in the Buffalo, NY area. Here are the exhibit panels. Many thanks to Casimiro Rodriguez and the Hispanic Heritage Council.
Security Issues’ in Cloud Computing and its Solutions. IJCERT JOURNAL
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...AJASTJournal
Because of its accessibility and flexibility, cloud technology is among the most notable innovations in today's world. Having many service platforms, such as GoogleApps by Google, Amazon, Apple, and so on, is well accepted by large enterprises. Distributed cloud computing is a concept for enabling every-time, convenient, on-demand network access to processing resources including servers, storage devices, networks, and services that may be mutually configured. The major security risks for cloud computing as identified by the Cloud security alliance (CSA) have been examined in this study. Also, methods for resolving issues with cloud computing technology's data security and privacy protection were systematically examined
Because of its accessibility and flexibility, cloud technology is among the most notable innovations in today's world. Having many service platforms, such as GoogleApps by Google, Amazon, Apple, and so on, is well accepted by large enterprises. Distributed cloud computing is a concept for enabling every-time, convenient, on-demand network access to processing resources including servers, storage devices, networks, and services that may be mutually configured. The major security risks for cloud computing as identified by the Cloud security alliance (CSA) have been examined in this study. Also, methods for resolving issues with cloud computing technology's data security and privacy protection were systematically examined.
Security of Data in Cloud Environment Using DPaaSIJMER
The rapid development of cloud computing is giving way to more cloud services, due to
which security of services of cloud especially data confidentiality protection, becomes more critical.
Cloud computing is an emerging computing style which provides dynamic services, scalable and payper-use.
Although cloud computing provides numerous advantages, a key challenge is how to ensure
and build confidence that the cloud can handle user data securely. This paper highlights some major
security issues that exist in current cloud computing environments. The status of the development of
cloud computing security, the data privacy analysis, security audit, information check and another
challenges that the cloud computing security faces have been explored. The recent researches on data
protection regarding security and privacy issues in cloud computing have partially addressed some
issues. The best option is to build data-protection solutions at the platform layer. The growing appeal
of data protection as a service is that it enables to access just the resources you need at minimal
upfront expense while providing the benefits of enterprise-class data protection capabilities. The
paper proposes a solution to make existing developed applications for simple cloud Systems
compatible with DPaaS. The various security challenges have been highlighted and the various
necessary metrics required for designing DPaaS have been investigated.
Abstract: Cloud computing model are obtaining ubiquitous authorization due to the heterogeneous convenience they provide. Although, the
security & privacy problems are the main considerable encumbrance holding back the universal adoption of this new emerging technology.
Various researches are concentrated on enhancing the security on Software as well as Hardware levels on the cloud. But these interpretations do
not mainly furnish the complete security way and therefore the data security compute (measure) are still kept under the access control of service
provider. Trusted Computing is another research concept. In actuality, these furnish a set of tools controlled by the third party technologies to
secure the Virtual Machines from the cloud computing providers. These approaches provides the tools to its consumers to assess and monitor the
aspects of security their data, they don’t allocate the cloud consumers with high control capability. While as the new emerging DCS approach
aims to provide the security of data owners of their data. But the DCS approach concept is elucidate in many ways and there is not a
standardized framework of cloud computing environment model for applying this approach.
Secure Data Sharing In an Untrusted CloudIJERA Editor
Cloud computing is a huge area which basically provides many services on the basis of pay as you go. One of the fundamental services provided by cloud is data storage. Cloud provides cost efficiency and an efficient solution for sharing resource among cloud users. A secure and efficient data sharing scheme for groups in cloud is not an easy task. On one hand customers are not ready to share their identity but on other hand want to enjoy the cost efficiency provided by the cloud. It needs to provide identity privacy, multiple owner and dynamic data sharing without getting effected by the number of cloud users revoked. In this paper, any member of a group can completely enjoy the data storing and sharing services by the cloud. A secure data sharing scheme for dynamic cloud users is proposed in this paper. For which it uses group signature and dynamic broadcast encryption techniques such that any user in a group can share the information in a secured manner. Additionally the permission option is proposed for the security reasons. This means the file access permissions are generated by the admin and given to the user using Role Based Access Control (RBA) algorithm. The file access permissions are read, write and delete. In this, owner can provide files with options and accepts the users using that option. The revocation of cloud user is a function generated by the Admin for security purpose. The encryption computational cost and storage overhead is not dependent on the number of users revoked. We analyze the security by proofs and produce the cloud efficiency report using cloudsim.
Cloud Computing Using Encryption and Intrusion Detectionijsrd.com
Cloud computing provides many benefits to the users such as accessibility and availability. As the data is available over the cloud, it can be accessed by different users. There may be sensitive data of organization. This is the one issue to provide access to authenticated users only. But the data can be accessed by the owner of the cloud. So to avoid getting data being accessed by the cloud owner, we will use the intrusion detection system to provide security to the data. The other issue is to save the data backup in other cloud in encrypted form so that load balancing can be done. This will help the user with data availability in case of failure of one cloud.
A survey on cloud security issues and techniquesijcsa
Today, cloud computing is an emerging way of computing in computer science. Cloud computing is a set of
resources and services that are offered by the network or internet. Cloud computing extends various
computing techniques like grid computing, distributed computing. Today cloud computing is used in both
industrial field and academic field. Cloud facilitates its users by providing virtual resources via internet. As
the field of cloud computing is spreading the new techniques are developing. This increase in cloud
computing environment also increases security challenges for cloud developers. Users of cloud save their
data in the cloud hence the lack of security in cloud can lose the user’s trust.
In this paper we will discuss some of the cloud security issues in various aspects like multi-tenancy,
elasticity, availability etc. the paper also discuss existing security techniques and approaches for a secure
cloud. This paper will enable researchers and professionals to know about different security threats and
models and tools proposed.
https://jst.org.in/index.html
Our Journals has a act as vehicles for the dissemination of knowledge, making research findings accessible to a wide audience. This accessibility is vital for the progress of education, as it allows students, educators, and professionals to stay informed about the latest developments in their respective fields.
It auditing to assure a secure cloud computingingenioustech
Dear Students
Ingenious techno Solution offers an expertise guidance on you Final Year IEEE & Non- IEEE Projects on the following domain
JAVA
.NET
EMBEDDED SYSTEMS
ROBOTICS
MECHANICAL
MATLAB etc
For further details contact us:
enquiry@ingenioustech.in
044-42046028 or 8428302179.
Ingenious Techno Solution
#241/85, 4th floor
Rangarajapuram main road,
Kodambakkam (Power House)
http://www.ingenioustech.in/
Trust Your Cloud Service Provider: User Based Crypto ModelIJERA Editor
In Data Storage as a Service (STaaS) cloud computing environment, the equipment used for business operations
can be leased from a single service provider along with the application, and the related business data can be
stored on equipment provided by the same service provider. This type of arrangement can help a company save
on hardware and software infrastructure costs, but storing the company’s data on the service provider’s
equipment raises the possibility that important business information may be improperly disclosed to others [1].
Some researchers have suggested that user data stored on a service-provider’s equipment must be encrypted [2].
Encrypting data prior to storage is a common method of data protection, and service providers may be able to
build firewalls to ensure that the decryption keys associated with encrypted user data are not disclosed to
outsiders. However, if the decryption key and the encrypted data are held by the same service provider, it raises
the possibility that high-level administrators within the service provider would have access to both the
decryption key and the encrypted data, thus presenting a risk for the unauthorized disclosure of the user data. we
in this paper provides an unique business model of cryptography where crypto keys are distributed across the
user and the trusted third party(TTP) with adoption of such a model mainly the CSP insider attack an form of
misuse of valuable user data can be treated secured.
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGijsptm
In the digital world using technology and new technologies require safe and reliable environment, and it also requires consideration to all the challenges that technology faces with them and address these challenges. Cloud computing is also one of the new technologies in the IT world in this rule there is no exception. According to studies one of the major challenges of this technology is the security and safety required for providing services and build trust in consumers to transfer their data into the cloud. In this paper we attempt to review and highlight security challenges, particularly the security of data storage in a cloud environment. Also, provides some offers to enhance the security of data storage in the cloud
computing systems that by using these opinions can be overcome somewhat on the problems.
A traditional computing environment requires a costly
infrastructure to offer a better service to users. The introduction
of cloud computing has changed the working environment from
traditional to virtual. A larger number of IT companies are
utilizing the cloud. On the one hand, the cloud attracts more
number of consumers by offering services with minimized
capital cost and virtual infrastructure. On the other hand, there
are a risk and security challenges in cloud computing that
makes the user not to move completely towards it. The cloud
environment is more vulnerable to security breaches and data
theft. Moreover, insider attacks are more frequent in larger
enterprises. An unauthenticated user can cause more damage
to company reputation. The cloud service providers are trying
to provide a secure work environment for users. However,
there is a lack of global standards and policies to invoke
security measures in cloud computing. This study aims to
highlight and classify security challenges and trust issues in the
cloud environment.
The survey was conducted in various institutions and
governmental organizations in Saudi Arabia to study the
opinions of stakeholders on cloud computing security
challenges and risks.
Links:
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
Similar to Challenges and Proposed Solutions for Cloud Forensic (20)
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Challenges and Proposed Solutions for Cloud Forensic
1. Puraj Desai et al Int. Journal of Engineering Research and Applications www.ijera.com
ISSN : 2248-9622, Vol. 5, Issue 1( Part 2), January 2015, pp.37-42
www.ijera.com 37 | P a g e
Challenges and Proposed Solutions for Cloud Forensic
Puraj Desai, Mehul Solanki, Akshay Gadhwal, Aalap Shah, Bhumika Patel
Department Of Computer Science and Technology Uka Tarsadia University Bardoli, Surat, Gujarat 394350
Department Of Computer Science and Technology Uka Tarsadia University Bardoli, Surat, Gujarat 394350
Department Of Computer Science and Technology Uka Tarsadia University Bardoli, Surat, Gujarat 394350
Department Of Computer Science and Technology Uka Tarsadia University Bardoli, Surat, Gujarat 394350
Assistant Professor Department Of Computer Science and Technology Uka Tarsadia University Bardoli , Surat,
Gujarat 394350
Abstract
Cloud computing is a heavily evolving topic in information technology (IT). Rather than creating, deploying and
managing a physical IT infrastructure to host their software applications, organizations are increasingly
deploying their infrastructure into remote, virtualized environments, often hosted and managed by third parties.
Due to this large scale, in case an attack over the network of cloud, it’s a great challenge to investigate to cloud.
There is a very low research done to develop the theory and practice of cloud forensic. The investigator has
huge challenge of getting the IP address of the culprit as there is dynamic IP in cloud computing. Also one
among many problems is that the customer is only concerned of security and threat of unknown. The cloud
service provider never lets customer see what is behind "virtual curtain" which leads customer more doubting
for the security and threat issue. In cloud forensics, the lack of physical access leads to big challenge for
investigator. In this paper we are presenting few common challenges which arise in cloud forensic and proposed
solution to it. We will also discuss the in brief about cloud computing and cloud forensic.
Keywords-Cloud Computing, Virtual Environment, Cloud Forensic
I. INTRODUCTION
Cloud forensic is a popular and less expensive as
well as efficient way of storing data today. Many
firms and organizations have joined with the cloud
services to keep their application or other data
available 24*7 online.
With the increasing use there always stays risk of
data security and privacy. Here is where cloud
forensic is needed but still cloud forensic is not much
developed theory. According to the author in [1],
there are many complicated problems faced by
investigator during collection of data also there are
different types of issue on which investigator has to
come across to get the evidence of suspect.
The investigator has various problem like the
storage of data is not local once kept on cloud thus
suspects computer cannot have anything stored in the
computer, then comes second problem that the data
stored on cloud is of multiple user so the server
cannot be seized else all the users data are seized.
Third problem is data of suspect is found but still
separating it from other users data is complex. Once
the data is on cloud the theft can be done so it’s a
high risk for health related data, national data,
security related data. There are different challenges
like data acquisition, logging, chain of custody,
limited forensic tools, trustworthy data retention, etc
Digital storage of computer data is carried out
more these days as cloud computing provides great
infrastructure for organizations and individuals. Due
to large scale use of storage there can be attack over
the network and hence it would be a big challenge to
investigate on cloud. For investigating purpose the
digital forensic is newly used with increasing use of
digital storage over virtual network and also for the
criminal activity.
According to the author in [2], the main problem
while investigating on network is from where
(Location) the attack has been carried out, due to IP
address not static over cloud computing its complex
task to retrieve the IP address. Also there are
different types of challenges like government aspects,
risk factor and control suffered by forensics. Even
there are few issue like threat and security issue, data
security and privacy issue, trust issue suffered by
them.
In [3], the author has proposed that the use of
cloud computing increasing the security concerned
challenges is also increasing. Digital provenance is
an important feature of digital forensic which leads to
use different tools and techniques. Also the source
retrieved is to be proved by digital forensic, thus it’s
mandatory to have exactly data and digital forensic
need to separate data from other user on the cloud.
Also there can be attack over cloud like DDos and
unauthorized file sharing carried out on the cloud.
Computing over cloud is a heavily promoted and
enhanced way to store data, as its resource dependent
there is research being carried out for different types
of opportunity and also to analyse and do experiment
RESEARCH ARTICLE OPEN ACCESS
2. Puraj Desai et al Int. Journal of Engineering Research and Applications www.ijera.com
ISSN : 2248-9622, Vol. 5, Issue 1( Part 1), January 2015, pp.37-42
www.ijera.com 38 | P a g e
over it. Cloud computing consist of different
concepts like network computing, utility computing,
software as a service, storage on cloud and
virtualization which is been done by IT technicians
for unification in information processing.
Cloud refers to provide services to client
remotely. According to the author in [4], many
businesses are moved to cloud due to long time
availability of data and also to use few or more
needed application remotely. There are few security
issues like regulatory compliance, data location,
privileged user access, data segregation, recovery,
and investigative support. There is a challenge for
live forensic tools to grab the IP address and to get
evidence too over virtual environment like cloud.
In [5], the author has proposed that cloud
computing is most discussed topic but still it presents
many economic opportunities and promising
technology. There is an open issue of performing
digital investigation over cloud. As there is lack of
physical access to server, it’s a mere challenge for
investigation. Access is not provided due to effect on
customer and provider of insecurity. The nature of
data processing on cloud is decentralized and also the
evidence collection and recovery approach are
traditional which leads to no practical data.
Information technology is a setup of
infrastructure for an organization with few boxes of
hardware, applications, network switches, data
canters, etc. According to the author in [6], the
visualization of few computers connected with server
and network for sharing different types of things like
application, data with a low cast, maintenance free IT
infrastructure which is called ―Cloud‖.
Cloud is an environment of elastic elimination of
resources which involves multiple stakeholders and
provides a measured service at multiple impurities for
a specified level of service. Cloud Technology is
replacing traditional setup with virtualized, remote,
on-demand software services, configured for the
particular needs of the organization.
These services can be hosted and managed by in-
house or by a third-party. Resulting, the software and
data including business application may be physically
stored across many different geographic locations.
The use of cloud computing has potential benefits to
organizations, including increased flexibility and
efficiency. On the other side, along with flexibility,
efficiency and substantial cost saving, Cloud is also
gives a thread to the organization about a theft of
Copy Right or patented methods, solutions, or
personal or organizational confidential information.
In case of any Cyber Incident, normally, digital
forensic investigator assumes that the storage media
under investigation is completely within the control
of the investigator. Conducting investigations in a
cloud computing environment presents new
challenges, since evidence is likely to be ephemeral
and stored on media beyond the immediate control of
an investigator [6].
II. BACKGROUND
In this section, we provide a short overview of
cloud computing and computer forensics.
A. Cloud computing
Definition—According to the definition by the
National Institute of Standards and Technology
(NIST), ―Cloud computing is a model which provides
a convenient way of ondemand network access to a
shared pool of configurable computing that can be
saved easily and released with small management
effort‖ [7].
Classification according to service model:
According to the nature of service model used by
the Cloud Service Provider (CSP), cloud computing
can be divided into three categories: Software as a
Service (SaaS), Platform as a Service (PaaS), and
Infrastructure as a Service (IaaS) [7].
Software as a Service (SaaS). This model provides
the users the facility of using cloud service provider’s
software running on cloud infrastructure. Unlike
other software to be installed by the user in machine
the user can directly use the same software with the
help of cloud which leads to easiness of accessing
proprietary software too. Some Examples of SaaS
are: Salesforce [11], Google Drive [12], and Google
calendar [13].
Platform as a Service (PaaS). In PaaS, user can
deploy their own application or a SaaS application in
the cloud infrastructure. Normally, the user pay
according to the bandwidth usage and database
usage. User can only use the application development
environments, which are supported by the PaaS
providers. Two examples of PaaS are: Google App
Engine (GAE) [14] and Windows Azure [15]. User
can host their own developed web based application
on these platforms.
Infrastructure as a Service (IaaS). This model
allows a user to rent processing power and storage to
launch own virtual machine. One of the important
features is that the user can scale up according to
their requirement. It allows their applications to
handle high load smoothly. On the other hand, they
can save cost when the demand is low. Customers
have full control over storage, deployed applications,
OS (Operating System), and possibly limited control
of selecting networking components (e.g., host
firewalls). An example of IaaS is Amazon EC2 [16].
EC2 provides users with access to virtual machines
(VM) running on its servers. User can install any
operating system and can run any application in that
VM. It also gives the customers the facility of saving
3. Puraj Desai et al Int. Journal of Engineering Research and Applications www.ijera.com
ISSN : 2248-9622, Vol. 5, Issue 1( Part 1), January 2015, pp.37-42
www.ijera.com 39 | P a g e
the VM status by creating an image of the instance. The VM can be restored later by using that image.
Figure 1: Three service models of Cloud Computing [20]
Classification according to deployment model:
Cloud computing can be categorized into four
Deployment model categories – private, public,
community, and hybrid [7].
Private cloud.
In private cloud model, the cloud infrastructure
is fully operated by the owner organization. It is the
internal data centre of a business organization.
Private cloud can be found in large companies and
for research purpose.
Community cloud.
If several organizations with common concerns
(e.g., mission, security requirements, policy, Textile
market and compliance considerations) share cloud
infrastructure then this model is referred as
community cloud.
Public cloud.
In the public cloud model, the Cloud Service
Providers (CSP) owns the cloud infrastructure and
they make it available to the general people or a large
industry group. All the examples given in the service
based cloud categorization are public cloud.
Hybrid cloud.
The hybrid cloud infrastructure is a combination
of two or more clouds. Hybrid Cloud architecture
requires on-premises resources and remote server
based cloud infrastructure. Figure 2 shows three
different deployment models of cloud computing –
private, public, and hybrid cloud.
4. Puraj Desai et al Int. Journal of Engineering Research and Applications www.ijera.com
ISSN : 2248-9622, Vol. 5, Issue 1( Part 1), January 2015, pp.37-42
www.ijera.com 40 | P a g e
Figure 2: Three different cloud deployment models [21]
B. Cloud Forensic
Cloud forensic is a domain that works towards
the usage and execution of digital forensic policy and
methodologies within the cloud.usage of digital
forensic in corporate communication amongst the
cloud actor to comply with internal and external
investigation.
From the definitions, we can say that computer
forensics is comprised of four main processes:
• Identification: Identification process is comprised
of two main steps: identification of an incident and
identification of the evidence, which will be required
to prove the incident.
• Collection: In the collection process, an
investigator extracts the digital evidence from
different types of media e.g., hard disk, cell phone, e-
mail, and many more. Additionally, he needs to
preserve the integrity of the evidence.
• Organization: There are two main steps in
organization process: examination and analysis of the
digital evidence. In the examination phase, an
investigator extracts and inspects the data and their
characteristics. In the analysis phase, he interprets
and correlates the available data to come to a
conclusion, which can prove or disprove civil,
administrative, or criminal allegations.
• Presentation: In this process, an investigator
makes an organized report to state his findings about
the case. This report should be appropriate enough to
present to the jury.
Figure 3 illustrates the flow of aforementioned
processes in computer forensics.
Figure 3. Computer Forensics Process Flow
Figure 3: Flow of Computer Forensic [1]
III. CHALLENGES OF CLOUD
FORENSICS
In this section, we examine the challenges in
cloud forensics, as discussed in the current research
literature. We present our analysis by looking into the
challenges faced by investigators in each of the
stages of computer forensics (as described in Section
II-B). Some of the important challenges we address
here are: forensic data gathering, limitation of
forensic tools, trust issue.
A. Forensic Data Gathering
Collection of the digital evidence is the most crucial
step of forensic procedure. Any errors that have
occurred in the collection phase will contact to the
evidence organization and reporting phase, which
will eventually affect the whole investigation process.
According to Birk, evidence can be available in three
different states in cloud–at rest, in motion, and in
execution [5].
Physical Inaccessibility.
Physical inaccessibility of digital evidence
makes the evidence collection procedure harder in
cloud forensics. The established digital forensic
procedures and tools assume that we have physical
access to the computers. However, in cloud forensics,
the situation is different. Sometimes, we do not even
5. Puraj Desai et al Int. Journal of Engineering Research and Applications www.ijera.com
ISSN : 2248-9622, Vol. 5, Issue 1( Part 1), January 2015, pp.37-42
www.ijera.com 41 | P a g e
know where the data is located as it is distributed
among many hosts in multiple data centres. A
number of researchers address this issue in their work
[5].
Mapping IP (Internet protocol) address for
Search Warrant.
To issue a search warrant the search warrant
should specify the location.in the digital environment
the location can be tracked with the help of IP
(Internet Protocol) address which is a tedious task in
the cloud environment as the IP (Internet Protocol)
address is not static.
Volatile Data.
With extra payment user can get storage which is
uncommon for small, medium scale business hub. A
dangerous user can exploit this blame. A malicious
user may complain of the instance being exposed to
some third personal and being attacked by him such a
scenario is a turmoil for forensic investigation.
Without capability of persistence, state would only
exist in Random Access Memory, and would be lost
when this Random Access Memory loses power as in
shutdown of computer [5] [9] [10] [17].
B. Limitations of Current of Forensic Tools.
The flexible feature of cloud paradigm poses as a
hurdle for current forensic tools and methodology.
The limitations of current forensic tools are discussed
by some researchers in their work [17], [18], [6]. For
investigations in virtualized environment still there is
a lack of tools and procedure. Ruan et al. explained
the need of forensic tools and forensic data collection
within cloud service provider [18].
C. Trust Issue.
Once the search warrant is issued, an employee
of cloud service provider is required for data
collection but data collected by employee cannot be
validated as the employee cannot be said as a
licensed forensics investigator and it is also not
possible to claim that data are appropriate. The date
and time stamp can also be given after manipulation
if it comes from multiple systems. [19]
IV. Tools for Cloud Forensic
Analysis:
From the analysis we came to know about
different problems like
o API is not available from Cloud Service
Provider- The service provider doesn’t provide
any type of API to investigator to investigate
over server which leads to complexity.
o Security and privacy related issue- Each server
consist of multi user and the investigator
cannot seize over the server just to investigate
as there can be data which are private and also
related to national security.
o IP capturing- the investigator need to have a
search warrant before investigation and it is
mandatory to specify the IP address(location)
as in the digital environment the location can
only be tracked with the help of IP address and
capturing a Dynamic IP address is again a
tedious task.
Experiment:
There are different types of tools used by digital
forensic to retrieve evidence, recover data, etc.
One among the data recovering is Autopsy.
Autopsy
o Autopsy is a memory recovering open source
tool which is being used by digital forensic while
recovery of data is to be made. This tool helps to
retrieve audio, video, image, folders, etc.
o The tool provides the description of data to be
retrieved with the data it was deleted. It also
retrieves the data which are permanently deleted
from the hard Disk. Once the recovery is done
the tool lets the data to be stored on machine
back.
o We tried retrieving an image file which we
deleted a week before and we were even
successful in getting it.
F-response
o It is easy to use, vendor neutral, patented
software utility which helps to investigate.
o Data Recovery, Discovery over IP network using
tools can be carried out in this tool.
o Autopsy is totally subset of f-response. Thus, all
the features of autopsy can be used in this tool
also.
V. Proposed Solution
We assume that the following 3 steps are already
being done:
Step 1- To wait for request from the cloud service
provider.
Step 2- To gather requirement about the attack.
Step3- Co-operation of the cloud service provider to
investigate over the server.
Now, the following steps can be done once the
above steps are fulfilled:
Step1- We use the F-response tool as it helps to
investigate, it would recover the data, and Discovery
over IP network.
Step2- If f-response is not successful in recovering of
the data the Autopsy tool can be used.
VI. CONCLUSION
We identify that cloud forensics is a cross-
discipline between digital forensics and cloud
6. Puraj Desai et al Int. Journal of Engineering Research and Applications www.ijera.com
ISSN : 2248-9622, Vol. 5, Issue 1( Part 1), January 2015, pp.37-42
www.ijera.com 42 | P a g e
computing. Various aspects of forensic in cloud
computing and the cloud forensic have been
reviewed. With more use of cloud computing,
there is an issue for providing trustworthy cloud
forensic schemes. According to current scenario
of the world, more business organizations are
moving data on cloud environments. As there is
development in IT sector, there will be more
complexities for crime investigator in accessing,
retrieving and getting the data as evidence. With
more technology the crime can be done easily
(Cybercrime) and demand of forensic
investigation on cloud will be more. These
investigations have to suffer from lack of
guidance, tools and technique to retrieve
evidence in forensically good way. Also cloud
service provider should provide robust API for
acquiring evidence. Solving all the challenges of
cloud forensics will clear the way for making a
forensics-enabled cloud and allow more
consumers to take the advantages of cloud
computing. There is also the need for re-examine
laws because of the need to move forward and
combating criminals. Finally, there is also the
need for the digital forensics community to begin
establishing standard empirical mechanisms to
evaluate frameworks, procedures and software
tools for use in a cloud environment. Only when
research has been conducted to show the true
impact of the cloud on digital forensics, can we
be sure how to alter and develop alternative
frameworks and guidelines as well as tools to
combat cyber-crime in the cloud.
REFERENCES
[1] Shams Zawoad and Ragib Hasan,‖Cloud
Forensics: A Meta-Study of Challenges,
Approaches, and Open Problems‖, 26th
February-2013(arXiv: 1302.6312v1).
[2] Farid et al. ―A Survey about Impacts of
Cloud Computing on Digital Forensics ―,
2013(ISSN: 23050012).
[3] Deoyani Shirkhedkar and Sulabha patil,
―Design of digital forensic technique for
cloud computing ―, june-2014(ISSN:
23217782).
[4] Ashish et al. ―Some Forensic & Security
Issues of Cloud Computing‖, October-
2013(ISSN: 2277128x).
[5] Dominik Birk,‖ Technical Challenges of
Forensic Investigations in Cloud Computing
Environments,‖ in Workshop on
Cryptography and Security in Clouds,
January 12, 2011.
[6] G.Grispos et al. ―Calm before the storm:
The challenges of cloud computing in digital
forensics,‖ International Journal of Digital
Crime and Forensics (IJDCF), 2012.
[7] P. Mell and T. Grance, ―Draft NIST working
definition of cloud computing-v15,‖ 21. Aug
2009, 2009.
[8] K. Kent et al. ―Guide to integrating forensic
techniques into incident response,‖ NIST
Special Publication, pp. 800–86, 2006.
[9] H. Guo et al. ―Forensic investigations in
cloud environments,‖ in Computer Science
and Information Processing (CSIP), 2012
International Conference on. IEEE, 2012,
pp. 248–251.
[10] S.Wolthusen, ―Overcast: Forensic discovery
in cloud environments,” in proceedings of
the Fifth International Conference on IT
Security Incident Management and IT
Forensics (IMF). IEEE, 2009, pp. 3–9.
[11] Salesforce, ―Social enterprise and crm in the
cloud - salesforce.com,‖ http://www.salesfor
ce.com/, 2014, [Accessed October 5th,
2014].
[12] Google, ―Google drive,‖ https://drive.googl
e.com/start#home, [Accessed October 5th,
2014].
[13] ——, ―Google calendar,‖ https://www.
google.com/calendar/, [Accessed October
5th, 2014].
[14] GAE, ―Google app engine,‖ http://app
engine.google.com, [Accessed October 5th,
2014].
[15] Azure, ―Windows azure,‖
http://www.windowsazure.com, [Accessed
October 5th, 2014].
[16] Amazon EC2, ―Amazon elastic compute
cloud (amazon ec2),”
http://aws.amazon.com/ec2/, [Accessed
October 5th, 2014].
[17] D. Reilly et al. ―Cloud computing: Pros and
cons for computer forensic investigations,‖
International Journal Multimedia and Image
Processing (IJMIP), vol. 1, no. 1, pp. 26–34,
March 2011.
[18] K. Ruan et al. ―Cloud forensics: An overview,‖
in proceedings of the 7th IFIP International
Conference on Digital Forensics, 2011.
[19] J. Dykstra and A. Sherman, ―Understanding
Issues in Cloud Forensics: Two hypothetical
case studies,” Journal of Network Forensics,
vol. b, no. 3, pp. 19–31, 2011.
[20] Service Model of Cloud, https://www.spkaa.
com/plm-in-the-cloud-computer-system-val
idation-in-fda-regulated-industries, [Access
ed October 5th
, 2014]
[21] Cloud Deployment Model,‖vmware.com‖,
http://download3.vmware.com/vcat/docume
ntation-center/index.html#page/Service%25
20Definitions/2%2520Service%2520Definit
ions.2.03.html,[Accessed October 5th
, 2014]