International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Security Issues’ in Cloud Computing and its Solutions. IJCERT JOURNAL
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Cloud Computing Security Issues and ChallengesCSCJournals
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Enhancing Data Storage Security in Cloud Computing Through SteganographyIDES Editor
in cloud computing data storage is a significant issue
because the entire data reside over a set of interconnected
resource pools that enables the data to be accessed through
virtual machines. It moves the application software’s and
databases to the large data centers where the management of
data is actually done. As the resource pools are situated over
various corners of the world, the management of data and
services may not be fully trustworthy. So, there are various
issues that need to be addressed with respect to the
management of data, service of data, privacy of data, security
of data etc. But the privacy and security of data is highly
challenging. To ensure privacy and security of data-at-rest in
cloud computing, we have proposed an effective and a novel
approach to ensure data security in cloud computing by means
of hiding data within images following is the concept of
steganography. The main objective of this paper is to prevent
data access from cloud data storage centers by unauthorized
users. This scheme perfectly stores data at cloud data storage
centers and retrieves data from it when it is needed.
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Security Issues’ in Cloud Computing and its Solutions. IJCERT JOURNAL
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Cloud Computing Security Issues and ChallengesCSCJournals
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Enhancing Data Storage Security in Cloud Computing Through SteganographyIDES Editor
in cloud computing data storage is a significant issue
because the entire data reside over a set of interconnected
resource pools that enables the data to be accessed through
virtual machines. It moves the application software’s and
databases to the large data centers where the management of
data is actually done. As the resource pools are situated over
various corners of the world, the management of data and
services may not be fully trustworthy. So, there are various
issues that need to be addressed with respect to the
management of data, service of data, privacy of data, security
of data etc. But the privacy and security of data is highly
challenging. To ensure privacy and security of data-at-rest in
cloud computing, we have proposed an effective and a novel
approach to ensure data security in cloud computing by means
of hiding data within images following is the concept of
steganography. The main objective of this paper is to prevent
data access from cloud data storage centers by unauthorized
users. This scheme perfectly stores data at cloud data storage
centers and retrieves data from it when it is needed.
Cloud computing is a model which uses the mixture concept of “software-as-a-service” and “utility computing”, and provides
various on-demand services in a convenient way requested end users. It is internet based where resources are shared and the
information is available for on demand service users. Security issue in Cloud computing is the important and critical issues
because the resources are distributed. Both the Cloud provider and the cloud consumer should be fully sure that the cloud is safe
enough from all the external threats so that the customer does not face any kind of problem like loss or theft of their valua ble
data. There is also a possibility where a malicious user can penetrate the cloud by imitate an authorized user, and affect with a
virus to the entire cloud and affects many customers who are sharing the infected cloud. In this paper we firstly lists the
parameters that affects the security of the cloud then it explores the security issues of cloud computing and the troubles faced by
providers and consumers about their data, privacy, and infected application and security issues. It also presents some security
solutions for tackling these issues and problems.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
A traditional computing environment requires a costly
infrastructure to offer a better service to users. The introduction
of cloud computing has changed the working environment from
traditional to virtual. A larger number of IT companies are
utilizing the cloud. On the one hand, the cloud attracts more
number of consumers by offering services with minimized
capital cost and virtual infrastructure. On the other hand, there
are a risk and security challenges in cloud computing that
makes the user not to move completely towards it. The cloud
environment is more vulnerable to security breaches and data
theft. Moreover, insider attacks are more frequent in larger
enterprises. An unauthenticated user can cause more damage
to company reputation. The cloud service providers are trying
to provide a secure work environment for users. However,
there is a lack of global standards and policies to invoke
security measures in cloud computing. This study aims to
highlight and classify security challenges and trust issues in the
cloud environment.
The survey was conducted in various institutions and
governmental organizations in Saudi Arabia to study the
opinions of stakeholders on cloud computing security
challenges and risks.
Links:
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDSIJNSA Journal
Cloud computing is a new innovative model for enterprise in which information is permanently stored on the servers and also manage how and when different resources are allocate to the requested users. It provides distributed approach through which resources are allocated dynamically to the users without investing in the infrastructure or licensing the software’s on the client side. Using the cloud makes processing of information is more commodious but it also present them with new security problems about reliability.This phenomenon introduces serious problems regarding access mechanism to any information stored in the database and resources in the cloud. For the successful implementation of cloud computing it is necessary that we must know different areas where the security is needed. For this there should also governess strategy needed for secure communication between multi-clouds located in different geographical areas or in different countries. In this paper we discuss how to safely utilizing the benefit of cloud computing through the network where data security, provide authentication, integration, recovery, IP spoofing and Virtual Servers are the most captiousfields in the cloud.
Comparison of data security in grid and cloud computingeSAT Journals
Abstract In the current era, Grid computing and cloud computing are the main fields in the research work. This thesis define which are the main security issues to be considered in cloud computing and grid computing, and how some of these security issues are solved. Comparative study shows the grid security is tighter than the cloud. It also shows cloud computing is less secure and faced security problems. This research work is based on main security problems in cloud computing such as authentication, authorization, access control and security infrastructure (SLA). Cloud infrastructure is based on service level agreement; simply cloud providers provide different services to cloud’s users and organizations with an agreement known SLA. So the security and privacy of user’s data is the main problem, because unauthorized person can’t access the data of cloud user. Hacking and data leakage are the common threats in cloud computing. As the security due to hackers increase over internet and the cloud computing is totally on internet. At this time, cloud computing demand the tight password protection and strong authentication and authorization procedure. For an increased level of security, privacy and password protection, we provide a new strong authentication model named “Two factor authentications using graphical password with pass point scheme”. This authentication model includes the login procedure, access control that is based on service level agreement (SLA) in cloud computing. Index Terms: Cloud computing, Authentication, login, Recognition, Recall, Pass point, security, Cloud Provider, Service level Agreement, Two Factor Authentication
Security of Data in Cloud Environment Using DPaaSIJMER
The rapid development of cloud computing is giving way to more cloud services, due to
which security of services of cloud especially data confidentiality protection, becomes more critical.
Cloud computing is an emerging computing style which provides dynamic services, scalable and payper-use.
Although cloud computing provides numerous advantages, a key challenge is how to ensure
and build confidence that the cloud can handle user data securely. This paper highlights some major
security issues that exist in current cloud computing environments. The status of the development of
cloud computing security, the data privacy analysis, security audit, information check and another
challenges that the cloud computing security faces have been explored. The recent researches on data
protection regarding security and privacy issues in cloud computing have partially addressed some
issues. The best option is to build data-protection solutions at the platform layer. The growing appeal
of data protection as a service is that it enables to access just the resources you need at minimal
upfront expense while providing the benefits of enterprise-class data protection capabilities. The
paper proposes a solution to make existing developed applications for simple cloud Systems
compatible with DPaaS. The various security challenges have been highlighted and the various
necessary metrics required for designing DPaaS have been investigated.
Security & privacy issues of cloud & grid computing networksijcsa
Cloud computing is a new field in Internet computing that provides novel perspectives in internetworking
technologies. Cloud computing has become a significant technology in field of information technology.
Security of confidential data is a very important area of concern as it can make way for very big problems
if unauthorized users get access to it. Cloud computing should have proper techniques where data is
segregated properly for data security and confidentiality. This paper strives to compare and contrast cloud
computing with grid computing, along with the Tools and simulation environment & Tips to store data and
files safely in Cloud.
Cloud computing is a distributed computing system that offers managed, scalable and secured and high available computation resources and software as a service. Mobile computing is the combination of the heterogeneous domains like Mobile computing, Cloud computing & wireless networks.This paper mainly discusses the literature review on Cloud and the Mobile cloud computing. Here in this paper we analyse existing security challenges and issues involved in the cloud computing and Mobile cloud environment. This paper identifies key issues, which are believed to have long-term significance in cloud computing & mobile cloud security and privacy, based on documented problems and exhibited weaknesses.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...IJNSA Journal
Multi-cloud is an advanced version of cloud computing that allows its users to utilize different cloud systems from several Cloud Service Providers (CSPs) remotely. Although it is a very efficient computing
facility, threat detection, data protection, and vendor lock-in are the major security drawbacks of this infrastructure. These factors act as a catalyst in promoting serious cyber-crimes of the virtual world. Privacy and safety issues of a multi-cloud environment have been overviewed in this research paper. The
objective of this research is to analyze some logical automation and monitoring provisions, such as monitoring Cyber-physical Systems (CPS), home automation, automation in Big Data Infrastructure (BDI), Disaster Recovery (DR), and secret protection. The Results of this research investigation indicate that it is possible to avoid security snags of a multi-cloud interface by adopting these scientific solutions methodically.
Cloud computing and security issues in theIJNSA Journal
Cloud computing has formed the conceptual and infrastructural basis for tomorrow’s computing. The
global computing infrastructure is rapidly moving towards cloud based architecture. While it is important
to take advantages of could based computing by means of deploying it in diversified sectors, the security
aspects in a cloud based computing environment remains at the core of interest. Cloud based services and
service providers are being evolved which has resulted in a new business trend based on cloud technology.
With the introduction of numerous cloud based services and geographically dispersed cloud service
providers, sensitive information of different entities are normally stored in remote servers and locations
with the possibilities of being exposed to unwanted parties in situations where the cloud servers storing
those information are compromised. If security is not robust and consistent, the flexibility and advantages
that cloud computing has to offer will have little credibility. This paper presents a review on the cloud
computing concepts as well as security issues inherent within the context of cloud computing and cloud
infrastructure.
Challenges and Proposed Solutions for Cloud ForensicIJERA Editor
Cloud computing is a heavily evolving topic in information technology (IT). Rather than creating, deploying and managing a physical IT infrastructure to host their software applications, organizations are increasingly deploying their infrastructure into remote, virtualized environments, often hosted and managed by third parties. Due to this large scale, in case an attack over the network of cloud, it’s a great challenge to investigate to cloud. There is a very low research done to develop the theory and practice of cloud forensic. The investigator has huge challenge of getting the IP address of the culprit as there is dynamic IP in cloud computing. Also one among many problems is that the customer is only concerned of security and threat of unknown. The cloud service provider never lets customer see what is behind "virtual curtain" which leads customer more doubting for the security and threat issue. In cloud forensics, the lack of physical access leads to big challenge for investigator. In this paper we are presenting few common challenges which arise in cloud forensic and proposed solution to it. We will also discuss the in brief about cloud computing and cloud forensic.
Cloud computing is a model which uses the mixture concept of “software-as-a-service” and “utility computing”, and provides
various on-demand services in a convenient way requested end users. It is internet based where resources are shared and the
information is available for on demand service users. Security issue in Cloud computing is the important and critical issues
because the resources are distributed. Both the Cloud provider and the cloud consumer should be fully sure that the cloud is safe
enough from all the external threats so that the customer does not face any kind of problem like loss or theft of their valua ble
data. There is also a possibility where a malicious user can penetrate the cloud by imitate an authorized user, and affect with a
virus to the entire cloud and affects many customers who are sharing the infected cloud. In this paper we firstly lists the
parameters that affects the security of the cloud then it explores the security issues of cloud computing and the troubles faced by
providers and consumers about their data, privacy, and infected application and security issues. It also presents some security
solutions for tackling these issues and problems.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
A traditional computing environment requires a costly
infrastructure to offer a better service to users. The introduction
of cloud computing has changed the working environment from
traditional to virtual. A larger number of IT companies are
utilizing the cloud. On the one hand, the cloud attracts more
number of consumers by offering services with minimized
capital cost and virtual infrastructure. On the other hand, there
are a risk and security challenges in cloud computing that
makes the user not to move completely towards it. The cloud
environment is more vulnerable to security breaches and data
theft. Moreover, insider attacks are more frequent in larger
enterprises. An unauthenticated user can cause more damage
to company reputation. The cloud service providers are trying
to provide a secure work environment for users. However,
there is a lack of global standards and policies to invoke
security measures in cloud computing. This study aims to
highlight and classify security challenges and trust issues in the
cloud environment.
The survey was conducted in various institutions and
governmental organizations in Saudi Arabia to study the
opinions of stakeholders on cloud computing security
challenges and risks.
Links:
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDSIJNSA Journal
Cloud computing is a new innovative model for enterprise in which information is permanently stored on the servers and also manage how and when different resources are allocate to the requested users. It provides distributed approach through which resources are allocated dynamically to the users without investing in the infrastructure or licensing the software’s on the client side. Using the cloud makes processing of information is more commodious but it also present them with new security problems about reliability.This phenomenon introduces serious problems regarding access mechanism to any information stored in the database and resources in the cloud. For the successful implementation of cloud computing it is necessary that we must know different areas where the security is needed. For this there should also governess strategy needed for secure communication between multi-clouds located in different geographical areas or in different countries. In this paper we discuss how to safely utilizing the benefit of cloud computing through the network where data security, provide authentication, integration, recovery, IP spoofing and Virtual Servers are the most captiousfields in the cloud.
Comparison of data security in grid and cloud computingeSAT Journals
Abstract In the current era, Grid computing and cloud computing are the main fields in the research work. This thesis define which are the main security issues to be considered in cloud computing and grid computing, and how some of these security issues are solved. Comparative study shows the grid security is tighter than the cloud. It also shows cloud computing is less secure and faced security problems. This research work is based on main security problems in cloud computing such as authentication, authorization, access control and security infrastructure (SLA). Cloud infrastructure is based on service level agreement; simply cloud providers provide different services to cloud’s users and organizations with an agreement known SLA. So the security and privacy of user’s data is the main problem, because unauthorized person can’t access the data of cloud user. Hacking and data leakage are the common threats in cloud computing. As the security due to hackers increase over internet and the cloud computing is totally on internet. At this time, cloud computing demand the tight password protection and strong authentication and authorization procedure. For an increased level of security, privacy and password protection, we provide a new strong authentication model named “Two factor authentications using graphical password with pass point scheme”. This authentication model includes the login procedure, access control that is based on service level agreement (SLA) in cloud computing. Index Terms: Cloud computing, Authentication, login, Recognition, Recall, Pass point, security, Cloud Provider, Service level Agreement, Two Factor Authentication
Security of Data in Cloud Environment Using DPaaSIJMER
The rapid development of cloud computing is giving way to more cloud services, due to
which security of services of cloud especially data confidentiality protection, becomes more critical.
Cloud computing is an emerging computing style which provides dynamic services, scalable and payper-use.
Although cloud computing provides numerous advantages, a key challenge is how to ensure
and build confidence that the cloud can handle user data securely. This paper highlights some major
security issues that exist in current cloud computing environments. The status of the development of
cloud computing security, the data privacy analysis, security audit, information check and another
challenges that the cloud computing security faces have been explored. The recent researches on data
protection regarding security and privacy issues in cloud computing have partially addressed some
issues. The best option is to build data-protection solutions at the platform layer. The growing appeal
of data protection as a service is that it enables to access just the resources you need at minimal
upfront expense while providing the benefits of enterprise-class data protection capabilities. The
paper proposes a solution to make existing developed applications for simple cloud Systems
compatible with DPaaS. The various security challenges have been highlighted and the various
necessary metrics required for designing DPaaS have been investigated.
Security & privacy issues of cloud & grid computing networksijcsa
Cloud computing is a new field in Internet computing that provides novel perspectives in internetworking
technologies. Cloud computing has become a significant technology in field of information technology.
Security of confidential data is a very important area of concern as it can make way for very big problems
if unauthorized users get access to it. Cloud computing should have proper techniques where data is
segregated properly for data security and confidentiality. This paper strives to compare and contrast cloud
computing with grid computing, along with the Tools and simulation environment & Tips to store data and
files safely in Cloud.
Cloud computing is a distributed computing system that offers managed, scalable and secured and high available computation resources and software as a service. Mobile computing is the combination of the heterogeneous domains like Mobile computing, Cloud computing & wireless networks.This paper mainly discusses the literature review on Cloud and the Mobile cloud computing. Here in this paper we analyse existing security challenges and issues involved in the cloud computing and Mobile cloud environment. This paper identifies key issues, which are believed to have long-term significance in cloud computing & mobile cloud security and privacy, based on documented problems and exhibited weaknesses.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...IJNSA Journal
Multi-cloud is an advanced version of cloud computing that allows its users to utilize different cloud systems from several Cloud Service Providers (CSPs) remotely. Although it is a very efficient computing
facility, threat detection, data protection, and vendor lock-in are the major security drawbacks of this infrastructure. These factors act as a catalyst in promoting serious cyber-crimes of the virtual world. Privacy and safety issues of a multi-cloud environment have been overviewed in this research paper. The
objective of this research is to analyze some logical automation and monitoring provisions, such as monitoring Cyber-physical Systems (CPS), home automation, automation in Big Data Infrastructure (BDI), Disaster Recovery (DR), and secret protection. The Results of this research investigation indicate that it is possible to avoid security snags of a multi-cloud interface by adopting these scientific solutions methodically.
Cloud computing and security issues in theIJNSA Journal
Cloud computing has formed the conceptual and infrastructural basis for tomorrow’s computing. The
global computing infrastructure is rapidly moving towards cloud based architecture. While it is important
to take advantages of could based computing by means of deploying it in diversified sectors, the security
aspects in a cloud based computing environment remains at the core of interest. Cloud based services and
service providers are being evolved which has resulted in a new business trend based on cloud technology.
With the introduction of numerous cloud based services and geographically dispersed cloud service
providers, sensitive information of different entities are normally stored in remote servers and locations
with the possibilities of being exposed to unwanted parties in situations where the cloud servers storing
those information are compromised. If security is not robust and consistent, the flexibility and advantages
that cloud computing has to offer will have little credibility. This paper presents a review on the cloud
computing concepts as well as security issues inherent within the context of cloud computing and cloud
infrastructure.
Challenges and Proposed Solutions for Cloud ForensicIJERA Editor
Cloud computing is a heavily evolving topic in information technology (IT). Rather than creating, deploying and managing a physical IT infrastructure to host their software applications, organizations are increasingly deploying their infrastructure into remote, virtualized environments, often hosted and managed by third parties. Due to this large scale, in case an attack over the network of cloud, it’s a great challenge to investigate to cloud. There is a very low research done to develop the theory and practice of cloud forensic. The investigator has huge challenge of getting the IP address of the culprit as there is dynamic IP in cloud computing. Also one among many problems is that the customer is only concerned of security and threat of unknown. The cloud service provider never lets customer see what is behind "virtual curtain" which leads customer more doubting for the security and threat issue. In cloud forensics, the lack of physical access leads to big challenge for investigator. In this paper we are presenting few common challenges which arise in cloud forensic and proposed solution to it. We will also discuss the in brief about cloud computing and cloud forensic.
Cloud data security and various cryptographic algorithms IJECEIAES
Cloud computing has spread widely among different organizations due to its advantages, such as cost reduction, resource pooling, broad network access, and ease of administration. It increases the abilities of physical resources by optimizing shared use. Clients’ valuable items (data and applications) are moved outside of regulatory supervision in a shared environment where many clients are grouped together. However, this process poses security concerns, such as sensitive information theft and personally identifiable data leakage. Many researchers have contributed to reducing the problem of data security in cloud computing by developing a variety of technologies to secure cloud data, including encryption. In this study, a set of encryption algorithms (advance encryption standard (AES), data encryption standard (DES), Blowfish, Rivest-Shamir-Adleman (RSA) encryption, and international data encryption algorithm (IDEA) was compared in terms of security, data encipherment capacity, memory usage, and encipherment time to determine the optimal algorithm for securing cloud information from hackers. Results show that RSA and IDEA are less secure than AES, Blowfish, and DES). The AES algorithm encrypts a huge amount of data, takes the least encipherment time, and is faster than other algorithms, and the Blowfish algorithm requires the least amount of memory space.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Enhanced security framework to ensure data security in cloud using security b...eSAT Journals
Abstract Data security and Access control is a challenging research work in Cloud Computing. Cloud service users upload there private and confidential data over the cloud. As the data is transferred among the server and client, the data is to be protected from unauthorized entries into the server, by authenticating the user’s and provide high secure priority to the data. So the Experts always recommend using different passwords for different logins. Any normal person cannot possibly follow that advice and memorize all their usernames and passwords. That is where password managers come in. The purpose of this paper is to secure data from unauthorized person using Security blanket algorithm.
A survey on cloud security issues and techniquesijcsa
Today, cloud computing is an emerging way of computing in computer science. Cloud computing is a set of
resources and services that are offered by the network or internet. Cloud computing extends various
computing techniques like grid computing, distributed computing. Today cloud computing is used in both
industrial field and academic field. Cloud facilitates its users by providing virtual resources via internet. As
the field of cloud computing is spreading the new techniques are developing. This increase in cloud
computing environment also increases security challenges for cloud developers. Users of cloud save their
data in the cloud hence the lack of security in cloud can lose the user’s trust.
In this paper we will discuss some of the cloud security issues in various aspects like multi-tenancy,
elasticity, availability etc. the paper also discuss existing security techniques and approaches for a secure
cloud. This paper will enable researchers and professionals to know about different security threats and
models and tools proposed.
Abstract--The paper identifies the issues and the solution to overcome these problems. Cloud computing is a subscription based service where we can obtain networked storage space and computer resources. This technology has the capacity to admittance a common collection of resources on request. It is the application provided in the form of service over the internet and system hardware in the data centers that gives these services. But having many advantages for IT organizations cloud has some issues that must be consider during its deployment. The main concern is security privacy and trust. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario [4].
Keywords--Cloud, Issues, Security, Privacy, Resources, Technology.
Cloud Computing Using Encryption and Intrusion Detectionijsrd.com
Cloud computing provides many benefits to the users such as accessibility and availability. As the data is available over the cloud, it can be accessed by different users. There may be sensitive data of organization. This is the one issue to provide access to authenticated users only. But the data can be accessed by the owner of the cloud. So to avoid getting data being accessed by the cloud owner, we will use the intrusion detection system to provide security to the data. The other issue is to save the data backup in other cloud in encrypted form so that load balancing can be done. This will help the user with data availability in case of failure of one cloud.
A Secure Framework for Cloud Computing With Multi-cloud Service Providersiosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
An efficient and secure data storage in cloud computing using modified RSA pu...IJECEIAES
Cloud Computing is the ability to improve the utility or train new human resources without investing in new infrastructure, or add capabilities to existence without the latest software licensing. It expanded the capabilities of Information Technology (IT). From the past few years, cloud computing has developed from a good business concept in the best rising sectors of the IT industry. But more information on individuals and companies was put in the cloud, and concerns began to think about how secure the cloud environment was. Despite cloud surrounding structures, enterprise users still do not want to expand their business in the cloud. Security reduces the growth of cloud computing and continues to spread the market with complexity with data privacy and data protection. The security of cloud computing has constantly been an significant aspect of improved quality of service from cloud service providers. Data storage in the cloud has a problem related to data security. However, cloud computing construct many new security challenges which have not been well examine. In order to ensure that the user's data in the cloud is secure, we have proposed an effective mechanism with a distinctive feature of data integrity and privacy. This paper focusing on problems relating to the cloud data storage techniques and security in virtual environment. We recommend a method for providing data storage and security in cloud using public key Cryptosystem, which uses the concept of the modified RSA algorithm to provide better security for the data stored in the cloud.
Cloud computing is very useful then also its own set of cons discourage cloud users to choose them as a best option. The multitenant architecture of cloud exposed to several threats such as improper trust management at service provider site, Storage security, Shared technology vulnerabilities, data lost/leakage during transit, unauthorized access of data. This paper studied review work on cloud steganography.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Assuring Contact Center Experiences for Your Customers With ThousandEyes
G033030035
1. International Journal Of Computational Engineering Research (ijceronline.com) Vol. 3 Issue. 3
30
||Issn||2250-3005|| (Online) ||March||2013|| ||www.ijceronline.com||
Effective Service Security Schemes In Cloud Computing
1,
K.Sravani, 2,
K.L.A.Nivedita
1,2,
Assistant Professor Department of CSE Swarna Bharathi College of Engineering
Khammam, Andhra Pradesh
Abstract
The cloud computing is the fastest growing concept in IT industry. The IT companies have realized that
the cloud computing is going to be the hottest topic in the field of IT. Cloud Computing reduces cost by sharing
computing and storage resources, merged with an on demand provisioning mechanism relying on a pay-per use
business model. Due to varied degree of security features and management schemes within the cloud entities
security in the cloud is challenging. Security issues ranging from system misconfiguration, lack of proper
updates, or unwise user behaviour from remote data storage that can expose user‗s private data and information
to unwanted access can plague a Cloud Computing. The intent of this paper is to investigate the security related
issues and challenges in Cloud computing environment. We also proposed a security scheme for protecting
services keeping in view the issues and challenges faced by cloud computing.
Keywords— Cloud Computing, Data Protection, Security, Application Program Interface, Average Revenue
Per user.
1. Introduction
The basic principle of cloud computing is to make the computing be assigned in a large number of
computers, rather than local computer or remote server. The cloud computing is extension of grid computing,
distributed computing and parallel computing [3]. In cloud computing the recourses are shared via internet.
Cloud computing provides the fast, quick and convenient data storage and other computing services via internet.
The cloud computing system is like your virtual computer that is a virtual location of your resources. The user
can access their resources those are placed on a cloud as on their real system resources. The user can install
applications, store data etc. and can access through internet anywhere. The user do not need to buy or install any
hardware to upgrade his machine. They can do it via internet. In future we may need only notebook PC or a
mobile phone to access our powerful computer and our resources anywhere.Security aspects of cloud computing
are gaining interests of researchers as there are still numerous unresolved issues which needed to be addressed
before large scale exploitation take place. Cloud computing is not something that suddenly appeared overnight;
in some form it may trace back to a time when computer systems remotely time -shared computing resources
and applications. More currently though, cloud computing refers to the many different types of services and
applications being delivered in the internet cloud, and the fact that, in many cases, the devices used to access
these services and applications do not require any special applications [2].
Figure1:The Cloud
2. Effective Service Security Schemes In Cloud Computing...
31
||Issn||2250-3005|| (Online) ||March||2013|| ||www.ijceronline.com||
The basic idea of cloud computing is that it describes a new supplement, consumption, and delivery model for
IT services based on Internet protocols, and it typically involves provisioning of dynamically scalable and
often virtualized resources. The attractive feature of Cloud computing is that it has made access to computing
resources a lot easier, but with that convenience has come a whole new universe of threats and vulnerabilities. In
this paper, we explore the security issues and challenges for next generation CC and discuss the crucial
parameters that require extensive investigations. Basically the major challenge for employing any efficient
security scheme in CC is created by taking some of the important characteristics into considerations such as
Shared Infrastructure, Dynamic Provisioning, Network Access and Managed Metering.
2. Cloud Computing Security Issues
Security issues are the most concerned challenges in cloud computing [3]. Cloud is expected to offer
the capabilities like encryption strategies to ensure safe data storage environment, strict access control, secure
and stable backup of user data. However, cloud allows users to achieve the power of computing which beats
their own physical domain. It leads to many security problems. We will discuss the major security concerns in
the following:
2.1. Identification and Authentication:
The multi tenancy in cloud computing allows a single instance of the software to be accessed by more
than one users [3]. This will cause identification and authentication problem because different users use
different tokens and protocols , that may cause interpretability problems.
2.2. Access control:
Confidential data can be illegally accessed due to lenient access control.If adequate security
mechanisms are not applied then unauthorized access may exist. As data exists for a long time in a cloud, the
higher the risk of illegal access [3].
2.3. Data Seizure:
The company providing service may violate the law. There is a risk of data seizure by the some foreign
government.
2.4. Encryption/ Decryption:
There is an issue of the Encryption/ Decryption key that are provided. The keys should be provided by
the customer itself.
2.5. Policy Integration: Different cloud servers can use different tools to ensure the security of client data. So
integration policy is one of the major concerns of security.
2.6. Audit: In cloud computing the Cloud Service Provider (CSP) controls the data being processed. CSP may
use data while being processed [3]. So the process must be audited. The all user activities must be traceable.
The amount of data in Cloud Computing may be very large. So it is not possible to audit everything.
2.7. Availability: Availability is the major concern in the cloud computing. When the client data is virtualized,
clients have no control on the physical data [3]. If in the cloud, the data or service is not available, it is rigid
to fetch the data.
2.8 Network Consideration
Cloud computing is a technique of resource sharing where servers and storage in multiple locations are
connected by networks to create a pool of resources. When applications are run, resources are allocated from
this pool and connected to the user as needed. The missions of connecting the resources (servers and storage)
into a resource pool and then connecting users to the correct resources create the network's mission in cloud
computing. For many cloud computing applications, network performance will be the key to cloud computing
performance.
2.9. Virtualization Paradigm
In order to process a user request in CC environment, a service provider can draw the necessary
resources on demand, perform a specific job and then relinquish the unneeded resources and often dispose them
after the job is done. Contrary to traditional computing paradigms, in a cloud computing environment, data and
the application is controlled by the service provider. This leads to a natural concern about data safety and also its
protection from internal as well as external threats. Usually, in a cloud computing paradigm, data storage and
computation are performed in a single data enter that may led to the development of various security related
failure.
3. Effective Service Security Schemes In Cloud Computing...
32
||Issn||2250-3005|| (Online) ||March||2013|| ||www.ijceronline.com||
2.10. Mapping machines
Cloud computing offers a means to decouple the application activities from the physical resources
required. This has enabled consolidation of multiple applications onto a lesser number of physical servers
resulting in an increase in server utilization. Such decoupling of resources is facilitated by the concept of a
virtual machine which encapsulates an application with a specific set of functionalities. Physical resources are
made available to the virtual machine by a guest operating system running on each physical machine. The
virtual machine runs over this guest operating system which also provides facilities for creation, destruction and
migration of virtual machines. The different security parameters are required to facilitate these functions in
cloud computing.
2.11 Secure Data Management
As data is an important tool of CC the some aspects of the secure cloud, namely aspects of the cloud
storage and data layers. In particular the security issues ranging from ways of efficiently store the data in foreign
machines to querying encrypted data, as much of the data on the cloud may be encrypted is a critical challenge
for implementing security schemes in Cloud Computing [8].
2.12 Resource Allocation
With the cloud model, we lose control over physical security. In a public cloud, we are sharing
computing resources with other companies. In a shared pool outside the enterprise, we don't have any
knowledge or control of where the resources run. Exposing our data in an
environment shared with other companies could give the government "reasonable cause" to seize your assets
because another company has violated the law. Simply because we share the environment in the cloud, may put
your data at risk of seizure. Storage services provided by
one cloud vendor may be incompatible with another vendor's services should decide to move from one to the
other. Thus to secure the resources in a cloud demand highly encrypted schemes.
3. Challenges Of Security Schemes
Cloud Computing represents one of the most significant shifts in information technology many of us
are likely to see in our lifetimes. Basically the major challenge for employing any efficient security scheme in
CC is created by the tasks expected from the clouds. Security schemes look like a defense tool which every
organization needs. However there are some challenges the organizations face while deploying a security system
in Cloud computing. Some of them are:
3.1 Abuse and Nefarious Use of Cloud Computing
Providers offer their customers the illusion of unlimited computer, network, and storage capacity often
coupled with a friction less registration process where anyone with a valid credit card can register and
immediately begin using cloud services. Some providers even offer free limited trial periods. By abusing the
relative anonymity behind these registration and usage models, spammers, malicious code authors, and other
criminals have been able to conduct their activities with relative impunity.
3.2 Insecure Interfaces and APIs
Cloud computing providers expose a set of software interfaces or APIs that customers use to manage
and interact with cloud services. Provisioning, management, orchestration, and monitoring are all performed
using these interfaces. The security and availability of general cloud services is dependent upon the security of
these basic APIs. From authentication and access control to encryption and activity monitoring, these interfaces
must be designed to protect against both accidental and malicious attempts to circumvent policy. Furthermore,
organizations and third parties often build upon these interfaces to offer value-added services to their customers.
This introduces the complexity of the new layered API; it also increases risk, as organizations may be required
to relinquish their credentials to third parties in order to enable their agency.
3.3 Malicious Insiders
Another important challenge regarding implementing security schemes is the threat of a malicious
insider. This threat is amplified for consumers of cloud services by the convergence of IT services and
customers under a single management domain, combined with a general lack of transparency into provider
process and procedure. For example, a provider may not reveal how it grants employees access to physical and
virtual assets, how it monitors these employees, or how it analyzes and reports on policy compliance (e.g. [7],
[1]). To complicate matters, there is often little or no visibility into the hiring standards and practices for cloud
employees. This kind of situation clearly creates an attractive opportunity for an adversary — ranging from the
hobbyist hacker, to organized crime, to corporate espionage, or even nation-state sponsored intrusion. The level
of access granted could enable such an adversary to harvest confidential data or gain complete control over the
cloud services with little or no risk of detection.
4. Effective Service Security Schemes In Cloud Computing...
33
||Issn||2250-3005|| (Online) ||March||2013|| ||www.ijceronline.com||
3. 4 Shared Technology Issues
Vendors deliver their services in a scalable way by sharing infrastructure. Often, the underlying
components that make up this infrastructure (e.g., CPU caches, GPUs, etc.) were not designed to offer strong
isolation properties for a multi-tenant architecture. To address this gap, a virtualization hypervisor mediates
access between guest operating systems and the physical compute resources. Still, even hypervisors have
exhibited flaws that have enabled guest operating systems to gain inappropriate levels of control or influence on
the underlying platform. A defence in depth strategy is recommended, and should include compute, storage, and
network security enforcement and monitoring. Strong compartmentalization should be employed to ensure that
individual customers do not impact the operations of other tenants running on the same cloud provider.
Customers should not have access to any other tenant‘s
actual or residual data, network traffic etc.
3.5 Data Loss or Leakage
There are many ways to compromise data. Deletion or alteration of records without a backup of the
original content is an obvious example [6]. Unlinking a record from a larger context may render it
unrecoverable, as can storage on unreliable media. Loss of an encoding key may result in effective destruction.
Finally, unauthorized parties must be prevented from gaining access to sensitive data. The threat of data
compromise increases in the cloud, due to the number of and interactions between risks and challenges which
are either unique to cloud, or more dangerous because of the architectural or operational characteristics of the
cloud environment.
4.PROPOSED SECURITY FRAMEWORK
In the recent years, CC security has been able to attract the attentions of a no. of researchers around the
world [4]. In this section we proposed a security scheme taking regarding issues and challenges keeping in
mind. Our aim is to design and develop a security proposal that would be accurate, secure data in shared pool,
secure for unexpected intrusions, adaptive and be of real time. The proposed secure model provides the security
of cloud services by the following ways:
4.1 Secure Cloud service
The cloud service providers with the highest margins, highest ARPU, lowest operating costs, and
lowest churn will have a significant competitive advantage in the long run. To achieve this advantage, they will
need a comprehensive cloud service delivery platform and the cost of developing such a platform with security
parameter is a factor they will need to take into account. Not all cloud service providers are the same. While
some are giants with multiple data centers worldwide, some, in particular niche service providers. That is not all
bad computing still is their business, which means they invest all their operating and capital budgets in IT
operations. And even the largest providers are not immune to security problems as the hacking of the Sony
network and the major crash of Amazon's infrastructures- a-service installation demonstrated. The security of
service provider managed by:
Check out its security staff.
Ask where its data centres are, how many it has, and what its security parameters and
proposals are.
Separating the company data from company operations has many security
advantages.
Stricter initial registration and validation processes for customers.
To enhanced credit card fraud monitoring and coordination.
Comprehensive introspection of customer network traffic.
Monitoring public blacklists for one‘s own network blocks.
4.2 Secure Web Platform
Cloud platform services deliver a computing platform and solution stack as a service often consuming
cloud applications [5]. It facilitates deployment of applications without the cost and complexity of buying and
managing the underlying hardware and software layers. The security of the web platform is to securing all
content and data traffic - including email, web and identity traffic - moving between an organization and the
Cloud. Some schemes that protect the data and its travels within or outside the organization to the Cloud are:
i. Analyze the security model of cloud provider interfaces.
ii. Ensure strong authentication and access controls in concert with encrypted transmission.
iii. Understand the dependency chain associated with the API.
5. Effective Service Security Schemes In Cloud Computing...
34
||Issn||2250-3005|| (Online) ||March||2013|| ||www.ijceronline.com||
4.3 Secure Cloud Infrastructure
Cloud infrastructure is a platform which holds the development environments and within it one would
find managed hosting environment where various applications are built. To secure this Using a secure password
management service that protects user ID and password data and can flag users that repeat passwords across
various systems. For secure cloud Infrastructure we have used:
LDAP controls and administering credentials that keep access information from being
scattered around.
Running scripts to remove access when employees leave the organization are also
proposed for identity management security.
Determine security breach notification processes.
Monitor environment for unauthorized changes/activity.
Promote strong authentication and access control for administrative access and
operations [3].
Conduct vulnerability scanning and configuration audits.
4.4 Secure Cloud Data Pool
When enterprises adopt cloud computing and deploy databases in virtual environments, they run the risk of
exposing highly-sensitive data to a broad base of internal and external attacks [3]. Here, we enlist strategies
to help enterprises protect their data when implementing a database security strategy in cloud or virtualized
environments.
Multi-tenancy: To be used for single backup system to protect multiple business units or customers and to
allocate resources to them dynamically on-demand. Therefore, every storage pool needs to be kept secure
and fully independent from the others.
Chargeback systems: For data protection resources allocated by end-user needs, storage providers need to
track this usage by a wide range of criteria for both chargeback and billing purposes and for infrastructure
optimization purposes.
Robust Reporting: CC environment need an accurate way to forecast their capacity and processing needs
for budgeting purposes. It also needs to analyze usage to optimize available system resources for better
efficiencies. Thus detailed reporting and analytics not only helps in managing the current environment but
also enables trending and modelling for planning future investments.
Quality of Service delivery: Storage pooling enables CC environment to set replication priorities for each
pool so that the most mission critical data is replicated before less important data. This QoS orientation
can be set to specific backup policies with different retention periods for a particular storage pool.
Storage Tiering: Storage tiering is the mechanism to allocate disk drives to a storage pool according to the
capacity or performance requirements for a specific set of data under protection.
Global Deduplication: De duplication is a critical part of an effective data protection
environment. It is not only necessary for cost-effective optimization of the overall storage capacity but also
provides a cost effective WAN implementation for replication and movement of data to a remote location
for disaster recovery.
5. Conclusion
The proposed secure model has to ensure security of each service by applying the various security
schemes on each cloud architectural component. While most of the risk against security in Cloud computing are
caused by the involvement of computing in different plate forms. For defending the threats, developing the
secure system that will be efficient is a great research challenge. Again, ensuring each component secure is a
major research issue. Many of today‘s security schemes based on specific component mode but there is a lack of
combined effort to take a common model to ensure security of each architectural component, in future though
the security mechanism become well - established for each individual component, combining all the mechanism
together for making them work in collaboration with each other will incur a hard research challenge.
6. Effective Service Security Schemes In Cloud Computing...
35
||Issn||2250-3005|| (Online) ||March||2013|| ||www.ijceronline.com||
References
[1] P.F. da Silva and C.B. Westp hall, ―Improvements in the Model for Interoperability of Intrusion Detection Responses
Compatible with the IDWG Model‖ Int‘l J. Network Management, vol. 17, no. 4, 2011, pp. 287–294.
[2] Chunye Gong, Jie Liu, Qiang Zhang, Haitao Chen and Zhenghu Gong , ―Characteristics of cloud computing‖ , 39th
International Conference on Parallel Processing Workshops ,2012
[3] ZiyuanWang , ―Security and privacy issues within the Cloud Computing‖ ,International Conference on
Computational and Information Sciences , 2011
[4] Shuai Zhang, ShufenZhang, Xuebin Chen and XiuzhenHuo , ―The Comparison Between Cloud Computing and Grid
Computing‖ , International Conference on Computer Application and System Modeling (ICCASM 2010),2010
[5] Siani Pearson and AzzedineBenameur , ―Privacy , Security and Trust Issues Arising from Cloud Computing‖,2nd
IEEE International Conference on Cloud Computing Technology and Science
[6] ZhidongShen and QiangTong ,―The Security of Cloud Computing System enabled by Trusted Computing
Technology‖, 2nd International Conference on Signal Processing Systems (ICSPS) , 2010
[7] Shuai Zhang , Shufen Zhang , Xuebin Chen and XiuzhenHuo , ―Cloud Computing Research and Development
Trend‖ , Second International Conference on Future Networks , 2010
[8] D. Nurmi, R. Wolski, C. Grzegorczyk, G. Obertelli, S. Soman, L. Youseff, and D. Zagorodnov, ―The Eucalyptus
open source cloud-computing system‖ in Proceedings of the 9thIEEE/ACM International Symposium on Cluster
Computing and the Grid (CCGRID 09), May 2011, pp. 124–131.
[9] Q. Wang, K. Ren, W. Lou, and Y. Zhang, ―Dependable and Secure Sensor Data Storage with Dynamic Integrity
Assurance‖ Proc. of IEEE INFOCOM, 2010.
[10] T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, ―Hey , you, get off of my cloud: exploring information leakage
in third-party compute clouds,‖ in CCS 09: Proceedings of the 16th ACM conference on Computer and
communications security. New York, NY, USA: ACM, 2011, pp. 199–212.
[11] K.hamlin, M. Kantarcioglu, L. Khan and B. Thuraisingham "Security Issues for Cloud
Computing" Journal of Information Security and Privacy,vol. 4, no. 2, pp. 39–51, April-June 2010.