Fog computing extends cloud computing by providing security and data processing capabilities at the edge of the network, close to end users and devices. It aims to address issues like high latency and bandwidth usage that can occur when all data processing is done in the cloud. Fog computing deploys computing, storage, and applications between end devices and cloud data centers so that data can be processed locally when needed. This helps enable real-time applications like smart energy grids that require low latency responses by running applications on edge devices instead of sending all data to the cloud.
A survey on cloud security issues and techniquesijcsa
Today, cloud computing is an emerging way of computing in computer science. Cloud computing is a set of
resources and services that are offered by the network or internet. Cloud computing extends various
computing techniques like grid computing, distributed computing. Today cloud computing is used in both
industrial field and academic field. Cloud facilitates its users by providing virtual resources via internet. As
the field of cloud computing is spreading the new techniques are developing. This increase in cloud
computing environment also increases security challenges for cloud developers. Users of cloud save their
data in the cloud hence the lack of security in cloud can lose the user’s trust.
In this paper we will discuss some of the cloud security issues in various aspects like multi-tenancy,
elasticity, availability etc. the paper also discuss existing security techniques and approaches for a secure
cloud. This paper will enable researchers and professionals to know about different security threats and
models and tools proposed.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGijsptm
In the digital world using technology and new technologies require safe and reliable environment, and it also requires consideration to all the challenges that technology faces with them and address these challenges. Cloud computing is also one of the new technologies in the IT world in this rule there is no exception. According to studies one of the major challenges of this technology is the security and safety required for providing services and build trust in consumers to transfer their data into the cloud. In this paper we attempt to review and highlight security challenges, particularly the security of data storage in a cloud environment. Also, provides some offers to enhance the security of data storage in the cloud
computing systems that by using these opinions can be overcome somewhat on the problems.
Enhancing Data Storage Security in Cloud Computing Through SteganographyIDES Editor
in cloud computing data storage is a significant issue
because the entire data reside over a set of interconnected
resource pools that enables the data to be accessed through
virtual machines. It moves the application software’s and
databases to the large data centers where the management of
data is actually done. As the resource pools are situated over
various corners of the world, the management of data and
services may not be fully trustworthy. So, there are various
issues that need to be addressed with respect to the
management of data, service of data, privacy of data, security
of data etc. But the privacy and security of data is highly
challenging. To ensure privacy and security of data-at-rest in
cloud computing, we have proposed an effective and a novel
approach to ensure data security in cloud computing by means
of hiding data within images following is the concept of
steganography. The main objective of this paper is to prevent
data access from cloud data storage centers by unauthorized
users. This scheme perfectly stores data at cloud data storage
centers and retrieves data from it when it is needed.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
A survey on cloud security issues and techniquesijcsa
Today, cloud computing is an emerging way of computing in computer science. Cloud computing is a set of
resources and services that are offered by the network or internet. Cloud computing extends various
computing techniques like grid computing, distributed computing. Today cloud computing is used in both
industrial field and academic field. Cloud facilitates its users by providing virtual resources via internet. As
the field of cloud computing is spreading the new techniques are developing. This increase in cloud
computing environment also increases security challenges for cloud developers. Users of cloud save their
data in the cloud hence the lack of security in cloud can lose the user’s trust.
In this paper we will discuss some of the cloud security issues in various aspects like multi-tenancy,
elasticity, availability etc. the paper also discuss existing security techniques and approaches for a secure
cloud. This paper will enable researchers and professionals to know about different security threats and
models and tools proposed.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGijsptm
In the digital world using technology and new technologies require safe and reliable environment, and it also requires consideration to all the challenges that technology faces with them and address these challenges. Cloud computing is also one of the new technologies in the IT world in this rule there is no exception. According to studies one of the major challenges of this technology is the security and safety required for providing services and build trust in consumers to transfer their data into the cloud. In this paper we attempt to review and highlight security challenges, particularly the security of data storage in a cloud environment. Also, provides some offers to enhance the security of data storage in the cloud
computing systems that by using these opinions can be overcome somewhat on the problems.
Enhancing Data Storage Security in Cloud Computing Through SteganographyIDES Editor
in cloud computing data storage is a significant issue
because the entire data reside over a set of interconnected
resource pools that enables the data to be accessed through
virtual machines. It moves the application software’s and
databases to the large data centers where the management of
data is actually done. As the resource pools are situated over
various corners of the world, the management of data and
services may not be fully trustworthy. So, there are various
issues that need to be addressed with respect to the
management of data, service of data, privacy of data, security
of data etc. But the privacy and security of data is highly
challenging. To ensure privacy and security of data-at-rest in
cloud computing, we have proposed an effective and a novel
approach to ensure data security in cloud computing by means
of hiding data within images following is the concept of
steganography. The main objective of this paper is to prevent
data access from cloud data storage centers by unauthorized
users. This scheme perfectly stores data at cloud data storage
centers and retrieves data from it when it is needed.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Enhanced security framework to ensure data security in cloud using security b...eSAT Journals
Abstract Data security and Access control is a challenging research work in Cloud Computing. Cloud service users upload there private and confidential data over the cloud. As the data is transferred among the server and client, the data is to be protected from unauthorized entries into the server, by authenticating the user’s and provide high secure priority to the data. So the Experts always recommend using different passwords for different logins. Any normal person cannot possibly follow that advice and memorize all their usernames and passwords. That is where password managers come in. The purpose of this paper is to secure data from unauthorized person using Security blanket algorithm.
Cloud computing security through symmetric cipher modelijcsit
Cloud computing can be defined as an application and services which runs on distributed network using
virtualized and it is accessed through internet protocols and networking. Cloud computing resources and
virtual and limitless and information’s of the physical systems on which software running are abstracted
from the user. Cloud Computing is a style of computing in which dynamically scalable and often virtualized
resources are provided as a service over the Internet. Users need not have knowledge of, expertise in, or
control over the technology infrastructure in the "cloud" that supports them. To satisfy the needs of the
users the concept is to incorporate technologies which have the common theme of reliance on the internet
Software and data are stored on the servers whereas cloud computing services are provided through
applications online which can be accessed from web browsers. Lack of security and access control is the
major drawback in the cloud computing as the users deal with sensitive data to public clouds .Multiple
virtual machine in cloud can access insecure information flows as service provider; therefore to implement
the cloud it is necessary to build security. Therefore the main aim of this paper is to provide cloud
computing security through symmetric cipher model. This article proposes symmetric cipher model in
order to implement cloud computing security so that data can accessed and stored securely.
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Security Issues’ in Cloud Computing and its Solutions. IJCERT JOURNAL
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Cloud Computing Using Encryption and Intrusion Detectionijsrd.com
Cloud computing provides many benefits to the users such as accessibility and availability. As the data is available over the cloud, it can be accessed by different users. There may be sensitive data of organization. This is the one issue to provide access to authenticated users only. But the data can be accessed by the owner of the cloud. So to avoid getting data being accessed by the cloud owner, we will use the intrusion detection system to provide security to the data. The other issue is to save the data backup in other cloud in encrypted form so that load balancing can be done. This will help the user with data availability in case of failure of one cloud.
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...Editor IJMTER
The Most great challenging in Cloud computing is Security. Here Security plays key role
in this paper proposed concept mainly deals with security at the end user access. While coming to the
end user access that are connected through the public networks. Here the end user wants to access his
application or services protected by the unauthorized persons. In this area if we want to apply
encryption or decryption methods such as RSA, 3DES, MD5, Blow fish. Etc.,
Whereas we can utilize these services at the end user access in cloud computing. Here there is
problem of encryption and decryption of the messages, services and applications. They are is lot of
time to take encrypt as well as decrypt and more number of processing capabilities are needed to use
the mechanism. For that problem we are introducing to use of cloud computing in SaaS model. i.e.,
scalable is applicable in this area so whenever it requires we can utilize the SaaS model.
In Cloud computing use of computing resources (hardware and software) that are delivered as a
service over Internet network. In advance earlier there is problem of using key size in various
algorithm like 64 bit it take some long period to encrypt the data.
Aes based secured framework for cloud databasesIJARIIT
A Cloud database management system is a distributed database that delivers computing as a service (Caas) instead of
a product. Improving confidentiality of information stored in a cloud database .It is a very important contribution to the cloud
database. Data encryption is the optimum solution for achieving confidentiality. In some normal methods, encrypt the whole
database through some standard encryption algorithm that does not allow in SQL database operations directly on the cloud. This
formal solution affected by workload and cost would make the cloud database service inconvenient. I propose a novel
architecture for adaptive encryption of public cloud database. Adaptive encryption allows any SQL operation over encrypted
data. The novel cloud database architecture that uses adaptive encryption technique with no intermediate servers. This scheme
provides cloud provider with the best level of confidentiality for any database workload. I can determine the encryption and
adaptive encryption cost of data confidentiality from the research point of view. Index Terms Adaptive encryption Technique, AES (Advanced encryption Standard), Metadata.
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDSIJNSA Journal
Cloud computing is a new innovative model for enterprise in which information is permanently stored on the servers and also manage how and when different resources are allocate to the requested users. It provides distributed approach through which resources are allocated dynamically to the users without investing in the infrastructure or licensing the software’s on the client side. Using the cloud makes processing of information is more commodious but it also present them with new security problems about reliability.This phenomenon introduces serious problems regarding access mechanism to any information stored in the database and resources in the cloud. For the successful implementation of cloud computing it is necessary that we must know different areas where the security is needed. For this there should also governess strategy needed for secure communication between multi-clouds located in different geographical areas or in different countries. In this paper we discuss how to safely utilizing the benefit of cloud computing through the network where data security, provide authentication, integration, recovery, IP spoofing and Virtual Servers are the most captiousfields in the cloud.
A traditional computing environment requires a costly
infrastructure to offer a better service to users. The introduction
of cloud computing has changed the working environment from
traditional to virtual. A larger number of IT companies are
utilizing the cloud. On the one hand, the cloud attracts more
number of consumers by offering services with minimized
capital cost and virtual infrastructure. On the other hand, there
are a risk and security challenges in cloud computing that
makes the user not to move completely towards it. The cloud
environment is more vulnerable to security breaches and data
theft. Moreover, insider attacks are more frequent in larger
enterprises. An unauthenticated user can cause more damage
to company reputation. The cloud service providers are trying
to provide a secure work environment for users. However,
there is a lack of global standards and policies to invoke
security measures in cloud computing. This study aims to
highlight and classify security challenges and trust issues in the
cloud environment.
The survey was conducted in various institutions and
governmental organizations in Saudi Arabia to study the
opinions of stakeholders on cloud computing security
challenges and risks.
Links:
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTUREIJNSA Journal
In a typical cloud computing diverse facilitating components like hardware, software, firmware,
networking, and services integrate to offer different computational facilities, while Internet or a private
network (or VPN) provides the required backbone to deliver the services. The security risks to the cloud
system delimit the benefits of cloud computing like “on-demand, customized resource availability and
performance management”. It is understood that current IT and enterprise security solutions are not
adequate to address the cloud security issues. This paper explores the challenges and issues of security
concerns of cloud computing through different standard and novel solutions. We propose analysis and
architecture for incorporating different security schemes, techniques and protocols for cloud computing,
particularly in Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) systems. The proposed
architecture is generic in nature, not dependent on the type of cloud deployment, application agnostic and
is not coupled with the underlying backbone. This would facilitate to manage the cloud system more
effectively and provide the administrator to include the specific solution to counter the threat. We have also
shown using experimental data how a cloud service provider can estimate the charging based on the
security service it provides and security-related cost-benefit analysis can be estimated.
An efficient and secure data storage in cloud computing using modified RSA pu...IJECEIAES
Cloud Computing is the ability to improve the utility or train new human resources without investing in new infrastructure, or add capabilities to existence without the latest software licensing. It expanded the capabilities of Information Technology (IT). From the past few years, cloud computing has developed from a good business concept in the best rising sectors of the IT industry. But more information on individuals and companies was put in the cloud, and concerns began to think about how secure the cloud environment was. Despite cloud surrounding structures, enterprise users still do not want to expand their business in the cloud. Security reduces the growth of cloud computing and continues to spread the market with complexity with data privacy and data protection. The security of cloud computing has constantly been an significant aspect of improved quality of service from cloud service providers. Data storage in the cloud has a problem related to data security. However, cloud computing construct many new security challenges which have not been well examine. In order to ensure that the user's data in the cloud is secure, we have proposed an effective mechanism with a distinctive feature of data integrity and privacy. This paper focusing on problems relating to the cloud data storage techniques and security in virtual environment. We recommend a method for providing data storage and security in cloud using public key Cryptosystem, which uses the concept of the modified RSA algorithm to provide better security for the data stored in the cloud.
Cloud computing is a model which uses the mixture concept of “software-as-a-service” and “utility computing”, and provides
various on-demand services in a convenient way requested end users. It is internet based where resources are shared and the
information is available for on demand service users. Security issue in Cloud computing is the important and critical issues
because the resources are distributed. Both the Cloud provider and the cloud consumer should be fully sure that the cloud is safe
enough from all the external threats so that the customer does not face any kind of problem like loss or theft of their valua ble
data. There is also a possibility where a malicious user can penetrate the cloud by imitate an authorized user, and affect with a
virus to the entire cloud and affects many customers who are sharing the infected cloud. In this paper we firstly lists the
parameters that affects the security of the cloud then it explores the security issues of cloud computing and the troubles faced by
providers and consumers about their data, privacy, and infected application and security issues. It also presents some security
solutions for tackling these issues and problems.
Abstract--The paper identifies the issues and the solution to overcome these problems. Cloud computing is a subscription based service where we can obtain networked storage space and computer resources. This technology has the capacity to admittance a common collection of resources on request. It is the application provided in the form of service over the internet and system hardware in the data centers that gives these services. But having many advantages for IT organizations cloud has some issues that must be consider during its deployment. The main concern is security privacy and trust. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario [4].
Keywords--Cloud, Issues, Security, Privacy, Resources, Technology.
Enhanced security framework to ensure data security in cloud using security b...eSAT Journals
Abstract Data security and Access control is a challenging research work in Cloud Computing. Cloud service users upload there private and confidential data over the cloud. As the data is transferred among the server and client, the data is to be protected from unauthorized entries into the server, by authenticating the user’s and provide high secure priority to the data. So the Experts always recommend using different passwords for different logins. Any normal person cannot possibly follow that advice and memorize all their usernames and passwords. That is where password managers come in. The purpose of this paper is to secure data from unauthorized person using Security blanket algorithm.
Cloud computing security through symmetric cipher modelijcsit
Cloud computing can be defined as an application and services which runs on distributed network using
virtualized and it is accessed through internet protocols and networking. Cloud computing resources and
virtual and limitless and information’s of the physical systems on which software running are abstracted
from the user. Cloud Computing is a style of computing in which dynamically scalable and often virtualized
resources are provided as a service over the Internet. Users need not have knowledge of, expertise in, or
control over the technology infrastructure in the "cloud" that supports them. To satisfy the needs of the
users the concept is to incorporate technologies which have the common theme of reliance on the internet
Software and data are stored on the servers whereas cloud computing services are provided through
applications online which can be accessed from web browsers. Lack of security and access control is the
major drawback in the cloud computing as the users deal with sensitive data to public clouds .Multiple
virtual machine in cloud can access insecure information flows as service provider; therefore to implement
the cloud it is necessary to build security. Therefore the main aim of this paper is to provide cloud
computing security through symmetric cipher model. This article proposes symmetric cipher model in
order to implement cloud computing security so that data can accessed and stored securely.
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Security Issues’ in Cloud Computing and its Solutions. IJCERT JOURNAL
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Cloud Computing Using Encryption and Intrusion Detectionijsrd.com
Cloud computing provides many benefits to the users such as accessibility and availability. As the data is available over the cloud, it can be accessed by different users. There may be sensitive data of organization. This is the one issue to provide access to authenticated users only. But the data can be accessed by the owner of the cloud. So to avoid getting data being accessed by the cloud owner, we will use the intrusion detection system to provide security to the data. The other issue is to save the data backup in other cloud in encrypted form so that load balancing can be done. This will help the user with data availability in case of failure of one cloud.
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...Editor IJMTER
The Most great challenging in Cloud computing is Security. Here Security plays key role
in this paper proposed concept mainly deals with security at the end user access. While coming to the
end user access that are connected through the public networks. Here the end user wants to access his
application or services protected by the unauthorized persons. In this area if we want to apply
encryption or decryption methods such as RSA, 3DES, MD5, Blow fish. Etc.,
Whereas we can utilize these services at the end user access in cloud computing. Here there is
problem of encryption and decryption of the messages, services and applications. They are is lot of
time to take encrypt as well as decrypt and more number of processing capabilities are needed to use
the mechanism. For that problem we are introducing to use of cloud computing in SaaS model. i.e.,
scalable is applicable in this area so whenever it requires we can utilize the SaaS model.
In Cloud computing use of computing resources (hardware and software) that are delivered as a
service over Internet network. In advance earlier there is problem of using key size in various
algorithm like 64 bit it take some long period to encrypt the data.
Aes based secured framework for cloud databasesIJARIIT
A Cloud database management system is a distributed database that delivers computing as a service (Caas) instead of
a product. Improving confidentiality of information stored in a cloud database .It is a very important contribution to the cloud
database. Data encryption is the optimum solution for achieving confidentiality. In some normal methods, encrypt the whole
database through some standard encryption algorithm that does not allow in SQL database operations directly on the cloud. This
formal solution affected by workload and cost would make the cloud database service inconvenient. I propose a novel
architecture for adaptive encryption of public cloud database. Adaptive encryption allows any SQL operation over encrypted
data. The novel cloud database architecture that uses adaptive encryption technique with no intermediate servers. This scheme
provides cloud provider with the best level of confidentiality for any database workload. I can determine the encryption and
adaptive encryption cost of data confidentiality from the research point of view. Index Terms Adaptive encryption Technique, AES (Advanced encryption Standard), Metadata.
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDSIJNSA Journal
Cloud computing is a new innovative model for enterprise in which information is permanently stored on the servers and also manage how and when different resources are allocate to the requested users. It provides distributed approach through which resources are allocated dynamically to the users without investing in the infrastructure or licensing the software’s on the client side. Using the cloud makes processing of information is more commodious but it also present them with new security problems about reliability.This phenomenon introduces serious problems regarding access mechanism to any information stored in the database and resources in the cloud. For the successful implementation of cloud computing it is necessary that we must know different areas where the security is needed. For this there should also governess strategy needed for secure communication between multi-clouds located in different geographical areas or in different countries. In this paper we discuss how to safely utilizing the benefit of cloud computing through the network where data security, provide authentication, integration, recovery, IP spoofing and Virtual Servers are the most captiousfields in the cloud.
A traditional computing environment requires a costly
infrastructure to offer a better service to users. The introduction
of cloud computing has changed the working environment from
traditional to virtual. A larger number of IT companies are
utilizing the cloud. On the one hand, the cloud attracts more
number of consumers by offering services with minimized
capital cost and virtual infrastructure. On the other hand, there
are a risk and security challenges in cloud computing that
makes the user not to move completely towards it. The cloud
environment is more vulnerable to security breaches and data
theft. Moreover, insider attacks are more frequent in larger
enterprises. An unauthenticated user can cause more damage
to company reputation. The cloud service providers are trying
to provide a secure work environment for users. However,
there is a lack of global standards and policies to invoke
security measures in cloud computing. This study aims to
highlight and classify security challenges and trust issues in the
cloud environment.
The survey was conducted in various institutions and
governmental organizations in Saudi Arabia to study the
opinions of stakeholders on cloud computing security
challenges and risks.
Links:
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTUREIJNSA Journal
In a typical cloud computing diverse facilitating components like hardware, software, firmware,
networking, and services integrate to offer different computational facilities, while Internet or a private
network (or VPN) provides the required backbone to deliver the services. The security risks to the cloud
system delimit the benefits of cloud computing like “on-demand, customized resource availability and
performance management”. It is understood that current IT and enterprise security solutions are not
adequate to address the cloud security issues. This paper explores the challenges and issues of security
concerns of cloud computing through different standard and novel solutions. We propose analysis and
architecture for incorporating different security schemes, techniques and protocols for cloud computing,
particularly in Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) systems. The proposed
architecture is generic in nature, not dependent on the type of cloud deployment, application agnostic and
is not coupled with the underlying backbone. This would facilitate to manage the cloud system more
effectively and provide the administrator to include the specific solution to counter the threat. We have also
shown using experimental data how a cloud service provider can estimate the charging based on the
security service it provides and security-related cost-benefit analysis can be estimated.
An efficient and secure data storage in cloud computing using modified RSA pu...IJECEIAES
Cloud Computing is the ability to improve the utility or train new human resources without investing in new infrastructure, or add capabilities to existence without the latest software licensing. It expanded the capabilities of Information Technology (IT). From the past few years, cloud computing has developed from a good business concept in the best rising sectors of the IT industry. But more information on individuals and companies was put in the cloud, and concerns began to think about how secure the cloud environment was. Despite cloud surrounding structures, enterprise users still do not want to expand their business in the cloud. Security reduces the growth of cloud computing and continues to spread the market with complexity with data privacy and data protection. The security of cloud computing has constantly been an significant aspect of improved quality of service from cloud service providers. Data storage in the cloud has a problem related to data security. However, cloud computing construct many new security challenges which have not been well examine. In order to ensure that the user's data in the cloud is secure, we have proposed an effective mechanism with a distinctive feature of data integrity and privacy. This paper focusing on problems relating to the cloud data storage techniques and security in virtual environment. We recommend a method for providing data storage and security in cloud using public key Cryptosystem, which uses the concept of the modified RSA algorithm to provide better security for the data stored in the cloud.
Cloud computing is a model which uses the mixture concept of “software-as-a-service” and “utility computing”, and provides
various on-demand services in a convenient way requested end users. It is internet based where resources are shared and the
information is available for on demand service users. Security issue in Cloud computing is the important and critical issues
because the resources are distributed. Both the Cloud provider and the cloud consumer should be fully sure that the cloud is safe
enough from all the external threats so that the customer does not face any kind of problem like loss or theft of their valua ble
data. There is also a possibility where a malicious user can penetrate the cloud by imitate an authorized user, and affect with a
virus to the entire cloud and affects many customers who are sharing the infected cloud. In this paper we firstly lists the
parameters that affects the security of the cloud then it explores the security issues of cloud computing and the troubles faced by
providers and consumers about their data, privacy, and infected application and security issues. It also presents some security
solutions for tackling these issues and problems.
Abstract--The paper identifies the issues and the solution to overcome these problems. Cloud computing is a subscription based service where we can obtain networked storage space and computer resources. This technology has the capacity to admittance a common collection of resources on request. It is the application provided in the form of service over the internet and system hardware in the data centers that gives these services. But having many advantages for IT organizations cloud has some issues that must be consider during its deployment. The main concern is security privacy and trust. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario [4].
Keywords--Cloud, Issues, Security, Privacy, Resources, Technology.
nable applications provide as a services for the users
with low computational cost through internet. As we store data
and it also provide services in distributed environment. Cloud
ease its users by providing virtualization technology of resources
through internet. Cloud computing is the emerging field, due to
this reason the various new techniques are still developing. At
current scenario new security challenges were increases for cloud
professionals. Due to lack of security in cloud computing
environment user of cloud lost it trust in cloud. Multi-tenancy,
elasticity, Security Performance and Optimization, etc are
various security issues in cloud computing. In this paper we will
discuss some of the issue in cloud. This paper also discuss some of
the existing security technique for securing a cloud and help
researchers and professionals to know about various security
threats.
Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...IIJSRJournal
Usually, cloud infrastructure is used individually by businesses, whereas the hybrid cloud would be a blend of two or many kinds of clouds. Because as clouds become increasingly common, safety issues also expanding. Because of such cybersecurity threats, numerous experts suggested procedures as well as ways to assure internet confidentiality. Providers of cloud-based services were accountable for the complete safety of cloud information. Nevertheless, since the clouds are accessible (easily accessible over the World wide web), much research has been conducted on cloud storage cybersecurity. This paper describes methods for enhancing security and reliability in decentralized cloud-based solutions, as well as suggests a few security solution methods of implementation.
Secure Data Sharing In an Untrusted CloudIJERA Editor
Cloud computing is a huge area which basically provides many services on the basis of pay as you go. One of the fundamental services provided by cloud is data storage. Cloud provides cost efficiency and an efficient solution for sharing resource among cloud users. A secure and efficient data sharing scheme for groups in cloud is not an easy task. On one hand customers are not ready to share their identity but on other hand want to enjoy the cost efficiency provided by the cloud. It needs to provide identity privacy, multiple owner and dynamic data sharing without getting effected by the number of cloud users revoked. In this paper, any member of a group can completely enjoy the data storing and sharing services by the cloud. A secure data sharing scheme for dynamic cloud users is proposed in this paper. For which it uses group signature and dynamic broadcast encryption techniques such that any user in a group can share the information in a secured manner. Additionally the permission option is proposed for the security reasons. This means the file access permissions are generated by the admin and given to the user using Role Based Access Control (RBA) algorithm. The file access permissions are read, write and delete. In this, owner can provide files with options and accepts the users using that option. The revocation of cloud user is a function generated by the Admin for security purpose. The encryption computational cost and storage overhead is not dependent on the number of users revoked. We analyze the security by proofs and produce the cloud efficiency report using cloudsim.
Security for Effective Data Storage in Multi CloudsEditor IJCATR
Cloud Computing is a technology that uses the internet and central remote servers to maintain data and
applications. Cloud computing allows consumers and businesses to use applications without installation and access their personal
files at any computer with internet access. This technology allows for much more efficient computing by centralizing data
storage, processing and bandwidth. The use of cloud computing has increased rapidly in many organizations. Cloud computing
provides many benefits in terms of low cost and accessibility of data. Ensuring the security of cloud computing is a major factor
in the cloud computing environment, as users often store sensitive information with cloud storage providers but these providers
may be untrusted. Dealing with “single cloud” providers is predicted to become less popular with customers due to risks of
service availability failure and the possibility of malicious insiders in the single cloud. A movement towards “multi-clouds”, or in
other words, “interclouds” or “cloud-of clouds” has emerged recently. This paper surveys recent research related to single and
multi-cloud security and addresses possible solutions. It is found that the research into the use of multicloud providers to maintain
security has received less attention from the research community than has the use of single clouds. This work aims to promote the
use of multi-clouds due to its ability to reduce security risks that affect the cloud computing user.
Cloud computing is an internet-based computing technology, where shared re-sources
such as software, platform, storage and information are provided to customers on demand.
Cloud computing is a computing platform for sharing resources that include infrastructures,
software, applications, and business processes. The exact definition of cloud computing is A
large-scale distributed computing paradigm that is driven by economies of scale, in which a
pool of abstracted, virtualized, dynamically scalable, managed computing power, storage,
platforms, and services are delivered on demand to external customers over the Internet .
Security threat issues and countermeasures in cloud computingJahangeer Qadiree
Cloud computing field has reached to the highest level of technical heights. The security problems of cloud computing hinders
its development. It is totally internet based technology where the resources and information shared on a distributed network. So
it is important for both provider as well as consumer to provide the security and trust to share the data for developing clou d
computing applications. Because now organizations are now moving fast towards the cloud. So there is the possibility of threats
that will harm the data on the cloud. In our paper we mainly focuses on security threats of cloud computing system also we
mention some solutions and countermeasures on these security problems
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...IJTET Journal
Cloud computing provides the facility to access shared resources and common support which contributes services on demand over the network to perform operations that meet changing business needs. A cloud storage system, consisting of a collection of storage servers, affords long-term storage services over the internet. Storing the data in a third party cloud system cause serious concern over data confidentiality, without considering the local infrastructure limitations, the cloud services allow the user to enjoy the cloud applications. As the different users may be working in the collaborative relationship, the data sharing becomes significant to achieve productive benefit during the data accessing. The existing security system only focuses on the authentication; it shows that user’s private data cannot be accessed by the fake users. To address the above cloud storage privacy issue shared authority based privacy-preserving authentication protocol is used. In the SAPA, the shared access authority is achieved by anonymous access request and privacy consideration, attribute based access control allows the user to access their own data fields. To provide the data sharing among the multiple users proxy re-encryption scheme is applied by the cloud server. The privacy-preserving data access authority sharing is attractive for multi-user collaborative cloud applications.
Final project report on grocery store management system..pdfKamal Acharya
In today’s fast-changing business environment, it’s extremely important to be able to respond to client needs in the most effective and timely manner. If your customers wish to see your business online and have instant access to your products or services.
Online Grocery Store is an e-commerce website, which retails various grocery products. This project allows viewing various products available enables registered users to purchase desired products instantly using Paytm, UPI payment processor (Instant Pay) and also can place order by using Cash on Delivery (Pay Later) option. This project provides an easy access to Administrators and Managers to view orders placed using Pay Later and Instant Pay options.
In order to develop an e-commerce website, a number of Technologies must be studied and understood. These include multi-tiered architecture, server and client-side scripting techniques, implementation technologies, programming language (such as PHP, HTML, CSS, JavaScript) and MySQL relational databases. This is a project with the objective to develop a basic website where a consumer is provided with a shopping cart website and also to know about the technologies used to develop such a website.
This document will discuss each of the underlying technologies to create and implement an e- commerce website.
Overview of the fundamental roles in Hydropower generation and the components involved in wider Electrical Engineering.
This paper presents the design and construction of hydroelectric dams from the hydrologist’s survey of the valley before construction, all aspects and involved disciplines, fluid dynamics, structural engineering, generation and mains frequency regulation to the very transmission of power through the network in the United Kingdom.
Author: Robbie Edward Sayers
Collaborators and co editors: Charlie Sims and Connor Healey.
(C) 2024 Robbie E. Sayers
Saudi Arabia stands as a titan in the global energy landscape, renowned for its abundant oil and gas resources. It's the largest exporter of petroleum and holds some of the world's most significant reserves. Let's delve into the top 10 oil and gas projects shaping Saudi Arabia's energy future in 2024.
Immunizing Image Classifiers Against Localized Adversary Attacksgerogepatton
This paper addresses the vulnerability of deep learning models, particularly convolutional neural networks
(CNN)s, to adversarial attacks and presents a proactive training technique designed to counter them. We
introduce a novel volumization algorithm, which transforms 2D images into 3D volumetric representations.
When combined with 3D convolution and deep curriculum learning optimization (CLO), itsignificantly improves
the immunity of models against localized universal attacks by up to 40%. We evaluate our proposed approach
using contemporary CNN architectures and the modified Canadian Institute for Advanced Research (CIFAR-10
and CIFAR-100) and ImageNet Large Scale Visual Recognition Challenge (ILSVRC12) datasets, showcasing
accuracy improvements over previous techniques. The results indicate that the combination of the volumetric
input and curriculum learning holds significant promise for mitigating adversarial attacks without necessitating
adversary training.
Student information management system project report ii.pdfKamal Acharya
Our project explains about the student management. This project mainly explains the various actions related to student details. This project shows some ease in adding, editing and deleting the student details. It also provides a less time consuming process for viewing, adding, editing and deleting the marks of the students.
Welcome to WIPAC Monthly the magazine brought to you by the LinkedIn Group Water Industry Process Automation & Control.
In this month's edition, along with this month's industry news to celebrate the 13 years since the group was created we have articles including
A case study of the used of Advanced Process Control at the Wastewater Treatment works at Lleida in Spain
A look back on an article on smart wastewater networks in order to see how the industry has measured up in the interim around the adoption of Digital Transformation in the Water Industry.
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)MdTanvirMahtab2
This presentation is about the working procedure of Shahjalal Fertilizer Company Limited (SFCL). A Govt. owned Company of Bangladesh Chemical Industries Corporation under Ministry of Industries.
About
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Technical Specifications
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
Key Features
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface
• Compatible with MAFI CCR system
• Copatiable with IDM8000 CCR
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
Application
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Cosmetic shop management system project report.pdfKamal Acharya
Buying new cosmetic products is difficult. It can even be scary for those who have sensitive skin and are prone to skin trouble. The information needed to alleviate this problem is on the back of each product, but it's thought to interpret those ingredient lists unless you have a background in chemistry.
Instead of buying and hoping for the best, we can use data science to help us predict which products may be good fits for us. It includes various function programs to do the above mentioned tasks.
Data file handling has been effectively used in the program.
The automated cosmetic shop management system should deal with the automation of general workflow and administration process of the shop. The main processes of the system focus on customer's request where the system is able to search the most appropriate products and deliver it to the customers. It should help the employees to quickly identify the list of cosmetic product that have reached the minimum quantity and also keep a track of expired date for each cosmetic product. It should help the employees to find the rack number in which the product is placed.It is also Faster and more efficient way.
1. 1
1. ABSTRACT
Cloud is basically a clusters of multiple dedicated servers attached within a
network. Cloud Computing is a network based environment that focuses on sharing
computations or resources. In cloud customers only pay for what they use and have
not to pay for local resources which they need such as storage or infrastructure. so
this is the main advantage of cloud computing and main reason for gaining popularity
in todays world Also..But in cloud the main problem that occurs is security. And now
a day’s security and privacy both are main concern that needed to be considered. To
overcome the problem of security we are introducing the new technique which is
called as Fog Computing .Fog Computing is not a replacement of cloud it is just
extends the cloud computing by providing security in the cloud environment. With
Fog services we are able to enhance the cloud experience by isolating user’s data that
need to live on the edge. The main aim of fog computing is to place the data close to
the end user.
2. 2
2. INTRODUCTION
In today's worlds the small as well as big -big organizations are using cloud computing
technology to protect their data and to use the cloud resources as and when they need.
Cloud is a subscription based service .Cloud computing is a shared pool of resources. The
way of use computers and store our personal and business information can arises new
data security challenges. Encryption mechanisms not protect the data in the cloud from
unauthorized access. As we know that the traditional database system are usually
deployed in closed environment where user can access the system only through a
restricted network or internet. With the fast growth of W.W.W user can access virtually
any database for which they have proper access right from anywhere in the world . By
registering into cloud the users are ready to get the resources from cloud providers and
the organization can access their data from anywhere and at any time when they need.
But this comfortness comes with certain type of risk like security and privacy. To
overcome by this problem we are using a new technique called as fog computing. Fog
computing provides security in cloud environment in a greater extend to get the benefit of
this technique a user need to get registered with the fog. once the user is ready by filling
up the sign up form he will get the message or email that he is ready to take the services
from fog computing.
2.1 Existing System
Existing data protection mechanisms such as encryption was failed in securing the
data from the attackers. It does not verify whether the user was authorized or not. Cloud
computing security does not focus on ways of secure the data from unauthorized access.
Encryption does not provide much security to our data. In 2009.We have our own
confidential documents in the cloud. This files does not have much security. So, hacker
gains access the documents. Twitter incident is one example of a data theft attack in the
Cloud. Difficult to find the attacker. In 2010 and 2011 Cloud computing security was
developed against attackers. Finding of hackers in the cloud. Additionally, it shows that
recent research results that might be useful to protect data in the cloud.
3. 3
2.2 Proposed System
We proposed a completely new technique to secure user’s data in cloud using user
behavior and decoy information technology called as Fog Computing. We use this
technique to provide data security in the cloud. A different approach for securing data in
the cloud using offensive decoy technology. We monitor data access in the cloud and
detect abnormal data access patterns. In this technique when the unauthorized person try
to access the data of the real user the system generates the fake documents in such a way
that the unauthorized person was also not able to identify that the data is fake or real .It is
identified thought a question which is entered by the real user at the time of filling the
sign up form. If the answer of the question is wrong it means the user is not the real user
and the system provide the fake document else original documents will be provided by
the system to the real user.
4. 4
3. SYSTEM OVERVIEW
3.1 Cloud Architecture
In Cloud architecture, the systems architecture(A system architecture or systems
architecture is the conceptual model that defines the structure, behavior, and more views
of a system. An architecture description is a formal description and representation of a
system) of the software systems(The term software system is often used as a synonym of
computer program or software.) involved in the delivery of cloud computing, typically
involves multiple cloud components communicating with each other over application
programming interfaces, usually web services. This resembles the Unix philosophy of
having multiple programs each doing one thing well and working together over universal
interfaces. Complexity is controlled and the resulting systems are more manageable than
their monolithic counterparts.
Fig 1 :Cloud Computing Sample Architecture
5. 5
3.2 Cloud computing Services:
Cloud computing is a model for enabling convenient, on demand network access
to a shared pool of configurable computing resources (for example, networks, servers,
storage, applications, and services) that can be rapidly provisioned and released with
minimal management effort or service-provider interaction. It is divide into three types.
1. Application as a service.
2. Infrastructure as a service.
3. Platform as a service.
Fig 2: Cloud computing Services
Cloud computing exhibits the following key characteristics:
1. Agility:
improves with users' ability to re-provision technological infrastructure resources.
6. 6
2. Cost:
Cost is claimed to be reduced and in a public cloud delivery model capital
expenditure is converted to operational expenditure. This is purported to
lower barriers to entry, as infrastructure is typically provided by a third-party and
does not need to be purchased for one-time or infrequent intensive computing tasks.
Pricing on a utility computing basis is fine-grained with usage-based options and
fewer IT skills are required for implementation. The e-FISCAL project's state of the
art repository contains several articles looking into cost aspects in more detail, most
of them concluding that costs savings depend on the type of activities supported and
the type of infrastructure available in-house.
3. Virtualization:
Technology allows servers and storage devices to be shared and utilization be
increased. Applications can be easily migrated from one physical server to another.
4. Multi tenancy:
Enables sharing of resources and costs across a large pool of users thus allowing
for.
5. Centralization:
Centralization of infrastructure in locations with lower costs. (such as real estate,
electricity, etc.)
6. Utilization and efficiency:
Improvements for systems that are often only 10–20% utilized.
7. Reliability:
Reliability is improved if multiple redundant sites are used, which makes well-
designed cloud computing suitable for business continuity and disaster recovery.
7. 7
8. Performance:
Performance is monitored and consistent and loosely coupled architectures are
constructed using web services as the system interface.
9. Security:
Could improve due to centralization of data, increased security-focused resources,
etc., but concerns can persist about loss of control over certain sensitive data, and
the lack of security for stored kernels. Security is often as good as or better than
other traditional systems, in part because providers are able to devote resources to
solving security issues that many customers cannot afford. However, the
complexity of security is greatly increased when data is distributed over a wider
area or greater number of devices and in multi-tenant systems that are being shared
by unrelated users. In addition, user access to security audit logs may be difficult or
impossible. Private cloud installations are in part motivated by users' desire to retain
control over the infrastructure and avoid losing control of information security.
10. Maintenance:
Maintenance of cloud computing applications is easier, because they do not need to
be installed on each user's computer and can be accessed from different places.
Fig 3: Represents The Benefit
8. 8
3.3 Security Issues in Service Model
Cloud computing having three delivery models through which services are
delivered to end users. These models are SaaS, IaaS and PaaS which provide software,
Infrastructure and platform assets to the users. They have different level of security
requirements.
Fig 4 : Security Issues in Service Model
Security issues in SaaS:
Software as service is a model, where the software applications are hosted slightly by the
service provider and available to users on request, over the internet. In SaaS, client data is
available on the internet and may be visible to other users, it is the responsibility of
provider to set proper security checks for data protection. This is the major security risk,
which create a problem in secure data migration and storage. The following security
measures should be counted in SaaS application improvement process such that Data
Security, Data locality, Data integrity, Data separation, Data access, Data confidentiality,
Data breaches, Network Security, Authentication and authorization, Web application
security, Identity management process. The following are the basics issues through which
malicious user get access and violate the data Aruna et al., International Journal of SQL
Injection flaw, Cross-site request forgery, Insecure storage, Insecure configuration.
9. 9
Security issues in PaaS:
PaaS is the layer above the IaaS. It deals with operating system, middleware, etc. It
provides set of service through which a developer can complete a development process
from testing to maintenance. It is complete platform where user can complete
development task without any hesitation. In PaaS, the service provider give some
command to customer over some application on platform. But still there can be the
problem of security like intrusion etc, which must be assured that data may not be
accessible between applications.
Security issues in IaaS:
IaaS introduce the traditional concept of development, spending a huge amount on data
centers or managing hosting forum and hiring a staff for operation. Now the IaaS give an
idea to use the infrastructure of any one provider, get services and pay only for resources
they use. IaaS and other related services have enable set up and focus on business
improvement without worrying about the organization infrastructure. The IaaS provides
basic security firewall, load balancing, etc. In IaaS there is better control over the
security, and there is no security gap in virtualization manager. The main security
problem in IaaS is the trustworthiness of data that is stored within the provider’s
hardware.
3.4 Cloud Computing Security Threats and solution
Top seven security threats to cloud computing discovered by “Cloud Security
Alliance” (CSA) are:
i. Abuse and Nefarious Use of Cloud Computing:
Abuse and nefarious use of cloud computing is the top threat identified by the CSA. A
simple example of this is the use of botnets to spread spam and malware. Attackers can
10. 10
infiltrate a public cloud, for example, and find a way to upload malware to thousands of
computers and use the power of the cloud infrastructure to attack other machines.
Suggested remedies by the CSA to lessen this threat:
Stricter initial registration and validation processes.
Enhanced credit card fraud monitoring and coordination.
Comprehensive introspection of customer network traffic.
Monitoring public blacklists for one’s own network blocks.
ii. Insecure Application Programming Interfaces:
As software interfaces or APIs are what customers use to interact with cloud services,
those must have extremely secure authentication, access control, encryption and activity
monitoring mechanisms - especially when third parties start to build on them. Suggested
remedies by CSA to lessen this threat:
Analyze the security model of cloud provider interfaces.
Ensure strong authentication and access controls are implemented in concert with
encrypted transmission.
Understand the dependency chain associated with the API.
iii. Malicious Insiders:
The malicious insider threat is one that gains in importance as many providers still don't
reveal how they hire people, how they grant them access to assets or how they monitor
them. Transparency is, in this case, vital to a secure cloud offering, along with
compliance reporting and breach notification. Suggested remedies by CSA to lessen this
threat:
Enforce strict supply chain management and conduct a comprehensive supplier
assessment.
12. 12
Analyze data protection at both design and run time.
Implement strong key generation, storage and management, and destruction
practices.
Contractually demand providers to wipe persistent media before it is released into
the pool.
Contractually specify provider backup and retention strategies.
vi. Account, Service & Traffic Hijacking:
Account service and traffic hijacking is another issue that cloud users need to be aware
of. These threats range from man-in the-middle attacks, to phishing and spam campaigns,
to denial-of service attacks. Suggested remedies by CSA to lessen this threat:
Prohibit the sharing of account credentials between users and services.
Leverage strong two-factor authentication techniques where possible.
Employ proactive monitoring to detect unauthorized activity.
Understand cloud provider security policies and SLAs.
vii. Unknown Risk Profile:
Security should be always in the upper portion of the priority list. Code updates, security
practices, vulnerability profiles, intrusion attempts – all things that should always be kept
in mind ,Suggested remedies by CSA to lessen this threat:
Disclosure of applicable logs and data.
Partial/full disclosure of infrastructure details (e.g., patch levels, firewalls, etc).3
Monitoring and alerting on necessary information.
13. 13
4. SECURING CLOUDS USING FOG
4.1 Fog Computing:
Below is the reference architecture of a Fog computing environment in an enterprise.
You can see that the Fog network is close to the smart devices, data processing is
happening closer to the devices and the processed information is passed to the cloud
computing environment.
Fig 5: Reference Architecture
Just got comfortable with the concept of cloud computing Well, that is now in past.
Cloud computing has now been overtaken by a new concept called fog computing
which is certainly much better and bigger than the cloud.
Fog computing is quite similar to cloud and just like cloud computing it also
provides its users with data, storage, compute and application services. The thing that
distinguishes fog from cloud is its support for mobility, its proximity to its end-users
14. 14
and its dense geographical distribution. Its services are hosted at the network edge or
even on devices such as set-top-boxes or access points. By doing this, fog computing
helps in reducing service latency and even improves QoS, which further result in a
superior user experience.
Fog computing even supports emerging Internet of Things (IoT) applications that
require real time or predictable latency. A thing in Internet of Things is referred to as
any natural or manmade object that can be assigned an Internet Protocol (IP) address
and provided with an ability to transfer data over a network. Some of these can end up
creating a lot of data. Cisco here provides us with an example of a jet engine, which is
capable of creating 10 terabytes of data about its condition and performance that too in
half-hour. Transmitting all this data to the cloud and then transmitting response data
back ends up creating a huge demand on bandwidth. This process further requires a
considerable amount of time to take place and can suffer from latency.
In fog computing, much of the processing takes place in a router. This type of
computing creates a virtual platform that provides networking, compute and
storage services between traditional cloud computing data centers and end devices.
These services are central to both fog and cloud computing. They are also important
for supporting the emerging Internet deployments. Fog computing also has the
capability of enabling a new breed of aggregated services and applications, such as the
smart energy distribution. In smart energy distribution, all the energy load balancing
apps will run on network edge devices that will automatically switch to alternative
energies like wind and solar etc., based on availability, demand and lowest price.
The usage of fog computing can accelerate the innovation process in ways that
has never been seen before. This includes self-healing, self-organising and self-
learning apps for industrial networks. products.
15. 15
Fig 6 : Without Fog Computing and With Fog Computing in Grid
16. 16
4.2 Real-Time Large Scale Distributed Fog Computing
"Fog Computing" is a highly distributed broadly decentralized "cloud" that operates
close to the operational level, where data is created and most often used. Fog
computing at the ground-level is an excellent choice for applications that need
computing near use that is fit for purpose, where there is high volume real-time and/or
time-critical local data, where data has the greatest meaning within its context, where
fast localized turn around of results is important, where sending an over abundance of
raw data to an enterprise "cloud" is unnecessary, undesireable or bandwidth is
expensive or limited.
Example applications of fog computing within an industrial context are
analytics, optimization and advanced control at a manufacturing work center, unit-
operation, across and between unit-operations where sensors, controllers, historians,
analytical engines all share data interactively in real-time. At the upper edges of the
"fog" is local site-wide computing, such manufacturing plant systems that span work
centers and unit operations, higher yet would be regional clouds and finally the cloud at
the enterprise level. Fog computing is not independent of enterprise cloud computing,
but connected to it sending cleansed summarized information and in return receiving
enterprise information needed locally.
Fog computing places data management, compute power, performance,
reliability and recovery in the hands of the people who understand the needs; the
operators, engineers and IT staff for a unit operation, an oil and gas platform, or other
localized operation, so that it can be tailored for "fit-for-purpose" in a high speed real-
time environment.
Fog computing reduces bandwidth needs, as 80% of all data is needed within the
local context, such as; pressures, temperatures, materials charges, flow rates. To send
such real-time information into the enterprise cloud would be burdensome in bandwidth
and centralized storage. Enterprise data base bloat would occur for information rarely
17. 17
used at that level. In this way a limited amount of summarized information can be
transmitted up to the cloud and also down from the cloud to the local operation, such as
customer product performance feedback to the source of those products.
Fig 7 : Real-Time Large Scale Distributed Fog Computing
We place computing where it is needed, and performant, suited for the purpose, sitting
where it needs to be, at a work center, inside a control panel, at a desk, in a lab, in a rack
in a data center, anywhere and everywhere, all sharing related data to understand and
improve your performance. While located throughout your organization, a fog computing
system operates as a single unified resource, a distributed low level cloud that integrates
with centralized clouds to obtain market and customer feedback, desires and behavior’s
that reflect product performance in the eyes of the customer.
18. 18
The characteristics of a fog computing system are:
A Highly Distributed Concurrent Computing (HDCC) System.
A peer-to-peer mesh of computational nodes in a virtual hierarchical structure
that matches your organization
Communicates with smart sensors, controllers, historians, quality and materials
control systems and others as peers
Runs on affordable, off the shelf computing technologies
Supports multiple operating platforms; Unix, Windows, Mac
Employs simple, fast and standardized IoT internet protocols (TCP/IP, Sockets,
etc.)
Browser user experience, after all, it is the key aspect of an "Industrial Internet of
Things"
Built on field-proven high performance distributed computing technologies.
Capturing,historizing,validating,cleaning and filtering, integrating, analyzing, predicting,
adapting and optimizing performance at lower levels across the enterprise in real-time
requires High Performance Computing (HPC) power. This does not necessarily mean
high expense, as commercial off the shelf standard PCs with the power of a typical laptop
computer will suffice and the software running the system need not be expensive.
To architect such a system, we draw upon the experiences, architectures, tools and
successes of such computing giants as Google, Amazon, YouTube, Facebook , Twitter
and others. They have created robust high performance computing architectures that span
global data centers. They have provided development tools and languages such as
Google's GO (golang) that are well suited for high speed concurrent distributed
processing and robust networking and web services. Having a similar need, but more
finely distributed, we can adopt similar high performance computing architectures to
deliver and share results where they are needed in real-time.
19. 19
There are various ways to use cloud services to save or store files, documents and
media in remote services that can be accessed whenever user connect to the Internet. The
main problem in cloud is to maintain security for user’s data in way that guarantees only
authenticated users and no one else gain access to that data. The issue of providing
security to confidential information is core security problem, that it does not provide level
of assurance most people desire. There are various methods to secure remote data in
cloud using standard access control and encryption methods. It is good to say that all the
standard approaches used for providing security have been demonstrated to fail from time
to time for a variety of reasons, including faulty implementations, buggy code, insider
attacks, misconfigured services, and the creative construction of effective and
sophisticated attacks not envisioned by the implementers of security procedures. Building
a secure and trustworthy cloud computing environment is not enough, because attacks on
data continue to happen, and when they do, and information gets lost, there is no way to
get it back. There is needs to get solutions to such accidents. The basic idea is that we can
limit the damage of stolen data if we decrease the value of that stolen data to the attacker.
We can achieve this through a preventive decoy (disinformation) attack. We can secure
Cloud services by implementing given additional security features.
The basic idea is that we can limit the damage of stolen data if we decrease the
value of that stolen information to the attacker. We can achieve this through a
‘preventive’ disinformation attack. We posit that secure Cloud services can be
implemented given two additional security features:
4.3 User Behavior Profiling
It is expected that access to a user’s information in the Cloud will exhibit a normal
means of access. User profiling is a well known technique that can be applied here to
model how, when, and how much a user accesses their information in the Cloud. Such
‘normal user’ behavior can be continuously checked to determine whether abnormal
access to a user’s information is occurring. This method of behavior-based security is
commonly used in fraud detection applications. Such profiles would naturally include
20. 20
volumetric information, how many documents are typically read and how often. These
simple userspecific features can serve to detect abnormal Cloud access based partially
upon the scale and scope of data transferred.
4.4 : Decoy System
Decoy data, such as decoy documents, honey pots and other bogus information
can be generated on demand and used for detecting unauthorized access to information
and to „poison‟ the thief’s ex-filtrated information. Serving decoys will confuse an
attacker into believing they have ex-filtrated useful information, when they have not. This
technology may be integrated with user behavior profiling technology to secure a user’s
data in the Cloud. . Whenever abnormal and unauthorized access to a cloud service is
noticed, decoy information may be returned by the Cloud and delivered in such a way
that it appear completely normal and legitimate. The legitimate user, who is the owner of
the information, would readily identify when decoy information is being returned by the
Cloud, and hence could alter the Cloud’s responses through a variety of means, such as
challenge questions, to inform the Cloud security system that it has incorrectly detected
an unauthorized access. In the case where the access is correctly identified as an
unauthorized access, the Cloud security system would deliver unbounded amounts of
bogus information to the attacker, thus securing the user’s true data from can be
implemented by given two additional security features: (1) validating whether data access
is authorized when abnormal information access is detected, and (2) confusing the
attacker with bogus information that is by providing decoy documents. We have applied
above concepts to detect unauthorized data access to data stored on a local file system by
masqueraders, i.e. attackers who view of legitimate users after stealing their credentials.
Our experimental results in a local file system setting show that combining both
techniques can yield better detection results .This results suggest that this approach may
work in a Cloud environment, to make cloud system more transparent to the user as a
local file system.
21. 21
Fig 8: Decoy system
Anomaly Detection :
The current logged in user access behavior is compared with the past behavior of the
user.If the user behavior is exceeding the threshold value or a limit, then the remote user
is suspected to be anomaly. If the current user behavior is as the past behavior, the user is
allowed to operate on the original data.
Challenge Request :
If the current user‘s behavior seems anomalous, then the user is asked for randomly
selected secret questions. If the user fails to provide correct answers for a certain limits or
threshold, the user is provided with decoy files. If the user provided correct answers for a
limit, the user is treated as normal user. Sub subsection .
22. 22
Algorithm Details :
AES ( Advanced Encryption Standards)
The Advanced Encryption Standard (AES) is a symmetric-key encryption standard
approved by NSA for top secret information and is adopted by the U.S. government. AES
is based on a design principle known as a substitution permutation network. The standard
comprises three block ciphers: AES-128, AES-192 and AES-256. Each of these ciphers
has a 128-bit block size, with key sizes of 128, 192 and 256 bits, respectively. The AES
ciphers have been analyzed extensively and are now used worldwide; AES was selected
due to the level of security it offers and its well documented implementation and
optimization techniques. Furthermore, AES is very efficient in terms of both time and
memory requirements. The block ciphers have high computation intensity and
independent workloads (apply the same steps to different blocks of plain text).
Explanations:
AES is based on a design principle known as a Substitution permutation network. It is
fast in both software and hardware. Unlike its predecessor, DES, AES does not use a
Feistelnetwork.AES has a fixed block size of 128 bits and a key size of 128, 192, or 256
bits, whereas Rijndael can be specified with block and key sizes in any multiple of 32
bits, with a minimum of 128 bits. The block size has a maximum of 256 bits, but the key
size has no theoretical maximum.AES operates on a 4×4 column-major order matrix of
bytes, termed the state (versions of Rijndael with a larger block size have additional
columns in the state). Most AES calculations are done in a special field. The AES cipher
is specified as a number of repetitions of transformation rounds that convert the input
plaintext into the final output of cipher text. Each round consists of several processing
23. 23
steps, including one that depends on the encryption key. A set of reverse rounds are
applied to transform cipher text back into the original plaintext using the same encryption
key.
High-level description of the algorithm
1. Key Expansion: Round keys are derived from the cipher key using Rijndael's key
schedule.
2. Initial Round
AddRoundKey: Each byte of the state is combined with the round key using bitwise xor.
3. Rounds
1. SubBytes—a non-linear substitution step were each byte is replaced with
another according to alookup table.
2. ShiftRows—a transposition step where each row of the state is shifted
cyclically a certain number of steps.
3. MixColumns—a mixing operation which operates on the columns of the state,
combining the four bytes in each column.
4. AddRoundKey Final Round (no MixColumns)
5. SubBytes
6. ShiftRows
7. AddRoundKey
24. 24
5. APPLICATIONS OF FOG COMPUTING
We elaborate on the role of Fog computing in the following six motivating scenarios. The
advantages of Fog computing satisfy the requirements of applications in these scenarios.
Fog computing in Smart Grid:
Energy load balancing applications may run on network edge devices, such as smart
meters and micro-grids . Based on energy demand, availability and the lowest price, these
devices automatically switch to alternative energies like solar and wind.
Fog computing in smart traffic lights and connected vehicles:
Video camera that senses an ambulance flashing lights can automatically change street
lights to open lanes for the vehicle to pass through traffic. Smart street lights interact
locally with sensors and detect presence of pedestrian and bikers, and measure the
distance and speed of approaching vehicles.
Wireless Sensor and Actuator Networks:
Traditional wireless sensor networks fall short in applications that go beyond sensing and
tracking, but require actuators to exert physical actions like opening, closing or even
carrying sensors. In this scenario, actuators serving as Fog devices can control the
measurement process itself, the stability and the oscillatory behaviours by creating a
closed-loop system. For example, in the scenario of self-maintaining trains, sensor
monitoring on a train’s ball-bearing can detect heat levels, allowing applications to send
an automatic alert to the train operator to stop the train at next station for emergency
maintenance and avoid potential derailment. In lifesaving air vents scenario, sensors on
vents monitor air conditions flowing in and out of mines and automatically change air-
flow if conditions become dangerous to miners.
25. 25
Decentralized Smart Building Control:
The applications of this scenario are facilitated by wireless sensors deployed to measure
temperature, humidity, or levels of various gases in the building atmosphere. In this case,
information can be exchanged among all sensors in a floor, and their readings can be
combined to form reliable measurements.The system components may then work
together to lower the temperature, inject fresh air or open windows. Air conditioners can
remove moisture from the air or increase the humidity. Sensors can also trace and react to
movements (e.g, by turning light on or off). Fog devices could be assigned at each floor
and could collaborate on higher level of actuation. With Fog computing applied in this
scenario, smart buildings can maintain their fabric, external and internal environments to
conserve energy, water and other resources.
IoT and Cyber-physical systems (CPSs):
Fog computing based systems are becoming an important class of IoT and CPSs. Based
on the traditional information carriers including Internet and telecommunication network,
IoT is a network that can interconnect ordinary physical objects with identified addresses.
CPSs feature a tight combination of the system’s computational and physical elements.
CPSs also coordinate the integration of computer and information centric physical and
engineered systems. IoT and CPSs promise to transform our world with new relationships
between computer-based control and communication systems, engineered systems and
physical reality. Fog computing in this scenario is built on the concepts of embedded
systems in which software programs and computers are embedded in devices for reasons
other than computation alone. Examples of the devices include toys, cars, medical
devices and machinery. The goal is to integrate the abstractions and precision of software
and networking with the dynamics, uncertainty and noise in the physical environment.
Using the emerging knowledge, principles and methods of CPSs, we will be able to
develop new generations of intelligent medical devices and systems, ‘smart’ highways,
buildings, factories, agricultural and robotic systems.
26. 26
Software Defined Networks (SDN):
SDN is an emergent computing and networking paradigm, and became one of the most
popular topics in IT industry. It separates control and data communication layers. Control
is done at a central. ized server, and nodes follow communication path decided by the
server. The centralized server may need distributed implementation. SDN concept was
studied in WLAN, wireless sensor and mesh networks, but they do not involve multihop
wireless communication, multi-hop routing. Moreover, there is no communication
between peers in this scenario. SDN concept together with Fog computing will resolve
the main issues in vehicular networks, intermittent connectivity, collisions and high
packet loss rate, by augmenting vehicleto-vehicle with vehicle-to-infrastructure
communications and centralized control. SDN concept for vehicular networks is first
proposed in.
27. 27
6. SECURITY AND PRIVACY IN FOG COMPUTING
Security and privacy issues were not studied in the context of fog computing.
They were studied in the context of smart grids and machine-to-machine
communications .There are security solutions for Cloud computing. However, they may
not suit for Fog computing because Fog devices work at the edge of networks. The
working surroundings of Fog devices will face with many threats which do not exist in
well managed Cloud. In this section, we discuss the security and privacy issues in Fog
Computing.
Security Issues
The main security issues are authentication at different levels of gateways as well as (in
case of smart grids) at the smart meters installed in the consumer’s home. Each smart
meter and smart appliance has an IP address. A malicious user can either tamper with its
own smart meter, report false readings, or spoof IP addresses. There are some solutions
for the authentication problem. The work elaborated public key infrastructure (PKI)
based solutions which involve multicast authentication. Some authentication techniques
using Diffie-Hellman key exchange have been discussed in . Smart meters encrypt the
data and send to the Fog device, such as a home-area network (HAN) gateway. HAN
then decrypts the data, aggregates the results and then passes them forward. Intrusion
detection techniques can also be applied in Fog computing [28]. Intrusion in smart grids
can be detected using either a signature-based method in which the patterns of behaviour
are observed and checked against an already existing database of possible misbehaviours.
Intrusion can also be captured by using an anomaly-based method in which an observed
behaviour is compared with expected behaviour to check if there is a deviation. The work
develops an algorithm that monitors power flow results and detects anomalies in the input
values that could have been modified by attacks. The algorithm detects intrusion by using
principal component analysis to separate power flow variability into regular and irregular
subspaces.
28. 28
7. Combining User Behavior Profiling and Decoy
Technology
We posit that the combination of these two security features will provide
unprecedented levels of security for the Cloud. No current Cloud security mechanism
is available that provides this level of security. We have applied these concepts to
detect illegitimate data access to data stored on a local file system by masqueraders,
i.e. attackers who impersonate legitimate users after stealing their credentials. One
may consider illegitimate access to Cloud data by a rogue insider as the malicious act
of a masquerader. Our experimental results in a local file system setting show that
combining both techniques can yield better detection results, and our results suggest
that this approach may work in a Cloud environment, as the Cloud is intended to be
as transparent to the user as a local file system. In the following we review briefly
some of the experimental results achieved by using this approach to detect
masquerade activity in a local file setting. A. Combining User Behavior Profiling and
Decoy Technology for Masquerade Detection.
7.1 User Behavior Profiling
Legitimate users of a computer system are familiar with the files on that
system and where they are located. Any search for specific files is likely to be
targeted and limited. A masquerader, however, who gets access to the victim’s system
illegitimately, is unlikely to be familiar with the structure and contents of the file
system. Their search is likely to be widespread and untargeted. Based on this key
assumption, we profiled user search behavior and developed user models trained with
a oneclass modeling technique, namely one-class support vector machines. The
importance of using one-class modeling stems from the ability of building a classifier
without having to share data from different users. The privacy of the user and their
data is therefore preserved. We monitor for abnormal search behaviors that exhibit
deviations from the user baseline. According to our assumption, such deviations
29. 29
signal a potential masquerade attack. Our previous experiments validated our
assumption and demonstrated that we could reliably detect all simulated masquerade
attacks using this approach with a very low false positive rate of 1.12% .
7.2 Decoy Technology
We placed traps within the file system. The traps are decoy files downloaded
from a Fog computing site, an automated service that offers several types of decoy
documents such as tax return forms, medical records, credit card statements, e-bay
receipts, etc. [10]. The decoy files are downloaded by the legitimate user and placed
in highly-conspicuous locations that are not likely to cause any interference with the
normal user activities on the system. A masquerader, who is not familiar with the file
system and its contents, is likely to access these decoy files, if he or she is in search
for sensitive information, such as the bait information 126embedded in these decoy
files. Therefore, monitoring access to the decoy files should signal masquerade
activity on the system. The decoy documents carry a keyed-Hash Message
Authentication Code (HMAC), which is hidden in the header section of the
document. The HMAC is computed over the file’s contents using a key unique to
each user. When a decoy document is loaded into memory, we verify whether the
document is a decoy document by computing a HMAC based on all the contents of
that document. We compare it with HMAC embedded within the document. If the
two HMACs match, the document is deemed a decoy and an alert is issued.
7.3 Combining the Two Techniques
The correlation of search behavior anomaly detection with trap-based decoy
files should provide stronger evidence of malfeasance, and therefore improve a
detector’s accuracy. We hypothesize that detecting abnormal search operations
performed prior to an unsuspecting user opening a decoy file will corroborate the
suspicion that the user is indeed impersonating another victim user. This scenario
covers the threat model of illegitimate access to Cloud data. Furthermore, an
30. 30
accidental opening of a decoy file by a legitimate user might be recognized as an
accident if the search behavior is not deemed abnormal. In other words, detecting
abnormal search and decoy traps together may make a very effective masquerade
detection system. Combining the two techniques improves detection accuracy. We
use decoys as an oracle for validating the alerts issued by the sensor monitoring the
user’s file search and access behavior. In our experiments, we did not generate the
decoys on demand at the time of detection when the alert was issued. Instead, we
made sure that the decoys were conspicuous enough for the attacker to access them if
they were indeed trying to steal information by placing them in highly conspicuous
directories and by giving them enticing names. With this approach, we were able to
improve the accuracy of our detector. Crafting the decoys on demand improves the
accuracy of the detector even further. Combining the two techniques, and having the
decoy documents act as an oracle for our detector when abnormal user behavior is
detected may lower the overall false positive rate of detector. We trained eighteen
classifiers with computer usage data from 18 computer science students collected
over a period of 4 days on average. The classifiers were trained using the search
behavior anomaly detection described in a prior paper. We also trained another 18
classifiers using a detection approach that combines user behavior profiling with
monitoring access to decoy files placed in the local file system, as described above.
We tested these classifiers using simulated masquerader data. Figure 1 displays the
AUC scores achieved by both detection approaches by user model1. The results show
that the models using the combined detection approach achieve equal or better results
than the search profiling approach alone.
31. 31
8. FOG COMPUTING ARCHITECTURE
Fog Computing system is trying to work against the attacker specially malicious
insider. Here malicious insider means Insider attacks can be performed by malicious
employees at the providers or users site. Malicious insider can access the confidential
data of cloud users. A malicious insider can easily obtain passwords, cryptographic keys
and files. The threat of malicious attacks has increased due to lack of transparency in
cloud providers processes and procedures .It means that a provider may not know how
employees are granted access and how this access is monitored or how reports as well as
policy compliances are analyzed.
Fig 9: Fog Computing Architecture
32. 32
Above fig. states the actual working of the fog computing. In two ways login is done in
system that are admin login and user login .When admin login to the system there are
again two steps to follow: step1:Enter username step2:Enter the password . After
successful login of admin he can perform all admin related tasks, but while downloading
any file from fog he have to answer the security Question if he answer it correctly then
only original file can be download. In other case, when admin or user answer incorrectly
to the security question then decoy document (fake document) is provided to the fake
user.
Decoy technology work in the given manner if you have any word ,suppose
“MADAM” in the document then some alphabets are replaced as M->A then the given
word become “AADAA” which have no meaning. In some Case, if attacker getting to
know that, M is replaced by A in the given document and by applying reverse
engineering he get result as “MMDMM”. In any case he can’t judge content of
document.When user login to the system he also have to follow the same procedure as
admin. Operations like upload files/documents, download files/documents, view alerts,
send message, read message, broadcast any message all these can be perform by the user.
ALERT this stream provide the detail knowledge of attack done on their personal
file/document with details like date, time, no of times the attacker trying to hack that
file/document .Best thing of fog Computing is after each successful login the user get
SMS on the mobile that „login successful‟. from this the user get alert when other else
trying to gain access to his/her personal fog account and when attacker trying to
download some files/documents then user also get SMS that contain attacker ip-
address, attacker’s server name, date, time details on his/her mobile so that become easy
to catch attacker by tracing all these things. In this way fog computing is more secure
than the traditional cloud computing.
33. 33
9. ADVANTAGES AND DISADVANTAGES
ADVANTAGES
The advantages of placing decoys in a file system are threefold:
The detection of masquerade activity.
The confusion of the attacker and the additional costs incurred to distinguish
real from bogus information.
The deterrence effect which, although hard to measure, plays a significant role
in preventing masquerade activity by risk-averse attackers.
DISADVANTAGES
Nobody is identified when the attack is happen.
It is complex to detect which user is attack.
We cannot detect which file was hacking.
34. 34
10. CONCLUSION
With the increase of data theft attacks the security of user data security is
becoming a serious issue for cloud service providers for which Fog Computing is a
paradigm which helps in monitoring the behavior of the user and providing security to the
user’s data. The system was developed only with email provision but we have also
implemented the SMS technique. In Fog Computing we presenting a new approach for
solving the problem of insider data theft attacks in a cloud using dynamically generated
decoy files and also saving storage required for maintaining decoy files in the cloud. So
by using decoy technique in Fog can minimize insider attacks in cloud. Could provide
unprecedented levels of security in the Cloud and in social networks.
35. 35
11. SCOPE FUTURE ENHANCEMENTS
In our future work, this security system as we have explained is applicable only
for single cloud ownership system. If the cloud owner has a more than one clouds to
operate then our security system will not be applicable for providing security, therefore in
the future enhancement we can enhance our existing application to manage a cloud
environment which has more than one cloud architecture. Cloud computing is the future
for organizations.The considerable benefits that provide will make eventually all the
organizations totally move their processes and data to the Cloud. A lot of effort will be
put in return to provision the appropriate security to make business on cloud
environments. Although virtualization is already established, virtualization in the Cloud
is still an immature area. The focus of future works should aim to harden the security of
virtualization in multi-tenant environments. Possible lines of research are the
development of reliable and efficient virtual network securities to monitor the
communications between virtual machines in the same physical host. To achieve secure
virtualized environments, isolation between the different tenants is needed. Future
researches should aim to provide new architectures and techniques to harden the different
resources shared between tenants. The hypervisor is the most critical component of
virtualized environments. If compromised, the host and guest OSs could potentially be
compromised too. Hypervisor architectures that aim to minimize the code and, at the
same time, maintain the functionalities, provide an interesting future research to secure
virtualized environments and the Cloud, especially to prevent against future hypervisor
root kits.
36. 36
12. REFERENCES
Cloud Security Alliance, “Top Threat to Cloud Computing V1.0,” March 2010.
[Online].Available: https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf
Prevention Of Malicious Insider In The Cloud Using Decoy Documents by S.
Muqtyar Ahmed, P. Namratha, C. Nagesh
Cloud Security: Attacks and Current Defenses Gehana Booth, Andrew Soknacki,
and Anil Somayaji.
Overview of Attacks on Cloud Computing by Ajey Singh, Dr. Maneesh
Shrivastava.
D.Jamil and H. Zaki, “Security Issues in Cloud Computing and
Countermeasures,” International Journal of Engineering Science and Technology,
Vol. 3 No. 4, pp. 2672-2676, April 2011.
K. Zunnurhain and S. Vrbsky, “Security Attacks and Solutions in Clouds,” 2nd
IEEE InternationalConference on Cloud Computing Technology and Science,
Indianapolis, December 2010.
W. A. Jansen, “Cloud Hooks: Security and Privacy Issues in Cloud Computing,”
44th Hawaii International Conference on System Sciences, pp. 1–10, Koloa,
Hawaii, January 2011.
F. Bonomi, “Connected vehicles, the internet of things, and fog computing,”in
The Eighth ACM International Workshop on Vehicular Inter-Networking
(VANET), Las Vegas, USA, 2011.
http ://cnc.ucr.edu/security/glossary.
http://technet.microsoft.com/enus/library/cc959354.aspx
Cisco Cloud Computing -Data Center Strategy, Architecture,and Solutions
http://www.cisco.com/web/strategy/docs/gov/CiscoCloudComputing_WP.pdf.
Fog Computing: Mitigating Insider Data Theft Attacks in The
Cloud.[Online].Available:http://ids.cs.columbia.edu/sites/default/files/Fog_Comut
ing_Position_Paper_WRIT_2012.pdf
M. Van Dijk and A. Juels, “On the impossibility of cryptography alone for
privacy-preserving cloud computing,” in Proceedings of the 5th USENIX
37. 37
conference on Hot topics in security, ser. HotSec’10. ”Berkeley, CA, USA”:
”USENIX Association”, 2010, pp. 1–8.
J. A. Iglesias, P. Angelov, A. Ledezma, and A. Sanchis, “Creating evolving user
behavior profiles automatically,” IEEE Trans. on Knowl. and Data Eng., vol. 24,
no. 5, pp. 854–867, May 2012.
F. Rocha and M. Correia, “Lucy in the sky without diamonds: Stealing
confidential data in the cloud,” in Proceedings of the 2011 IEEE/IFIP 41st
International Conference on Dependable Systems and Networks Workshops, ser.
DSNW ’11. Washington, DC, USA: IEEE Computer Society, 2011, pp. 129–134.
M. B. Salem and S. J. Stolfo, “Modeling user search behavior for masquerade
detection,” in Proceedings of the 14th international conference on Recent
Advances in Intrusion Detection, ser. RAID’11. Berlin, Heidelberg:
SpringerVerlag, 2011, pp. 181–200.
S. et al, “Decoy document deployment for effective masquerade attack detection,”
in Proceedings of the 8th international conference on Detection of intrusions and
malware, and vulnerability assessment, ser. DIMVA’11. Berlin, Heidelberg:
Springer-Verlag, 2011