Cloud computing is a new innovative model for enterprise in which information is permanently stored on the servers and also manage how and when different resources are allocate to the requested users. It provides distributed approach through which resources are allocated dynamically to the users without investing in the infrastructure or licensing the software’s on the client side. Using the cloud makes processing of information is more commodious but it also present them with new security problems about reliability.This phenomenon introduces serious problems regarding access mechanism to any information stored in the database and resources in the cloud. For the successful implementation of cloud computing it is necessary that we must know different areas where the security is needed. For this there should also governess strategy needed for secure communication between multi-clouds located in different geographical areas or in different countries. In this paper we discuss how to safely utilizing the benefit of cloud computing through the network where data security, provide authentication, integration, recovery, IP spoofing and Virtual Servers are the most captiousfields in the cloud.
A survey on cloud security issues and techniquesijcsa
Today, cloud computing is an emerging way of computing in computer science. Cloud computing is a set of
resources and services that are offered by the network or internet. Cloud computing extends various
computing techniques like grid computing, distributed computing. Today cloud computing is used in both
industrial field and academic field. Cloud facilitates its users by providing virtual resources via internet. As
the field of cloud computing is spreading the new techniques are developing. This increase in cloud
computing environment also increases security challenges for cloud developers. Users of cloud save their
data in the cloud hence the lack of security in cloud can lose the user’s trust.
In this paper we will discuss some of the cloud security issues in various aspects like multi-tenancy,
elasticity, availability etc. the paper also discuss existing security techniques and approaches for a secure
cloud. This paper will enable researchers and professionals to know about different security threats and
models and tools proposed.
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
A Study of Data Storage Security Issues in Cloud Computingvivatechijri
Cloudcomputingprovidesondemandservicestoitsclients.Datastorageisamongoneoftheprimaryservices providedbycloudcomputing.Cloudserviceproviderhoststhedataofdataownerontheirserverandusercan accesstheirdatafromtheseservers.Asdata,ownersandserversaredifferentidentities,theparadigmofdata storagebringsupmanysecuritychallenges.Anindependentmechanismisrequiredtomakesurethatdatais correctlyhostedintothecloudstorageserver.Inthispaper,wewilldiscussthedifferenttechniquesthatare usedforsecuredatastorageoncloud. Cloud computing is a functional paradigm that is evolving and making IT utilization easier by the day for consumers. Cloud computing offers standardized applications to users online and in a manner that can be accessed regularly. Such applications can be accessed by as many persons as permitted within an organization without bothering about the maintenance of such application. The Cloud also provides a channel to design and deploy user applications including its storage space and database without bothering about the underlying operating system. The application can run without consideration for on premise infrastructure. Also, the Cloud makes massive storage available both for data and databases. Storage of data on the Cloud is one of the core activities in Cloud computing. Storage utilizes infrastructure spread across several geographical locations.
A survey on cloud security issues and techniquesijcsa
Today, cloud computing is an emerging way of computing in computer science. Cloud computing is a set of
resources and services that are offered by the network or internet. Cloud computing extends various
computing techniques like grid computing, distributed computing. Today cloud computing is used in both
industrial field and academic field. Cloud facilitates its users by providing virtual resources via internet. As
the field of cloud computing is spreading the new techniques are developing. This increase in cloud
computing environment also increases security challenges for cloud developers. Users of cloud save their
data in the cloud hence the lack of security in cloud can lose the user’s trust.
In this paper we will discuss some of the cloud security issues in various aspects like multi-tenancy,
elasticity, availability etc. the paper also discuss existing security techniques and approaches for a secure
cloud. This paper will enable researchers and professionals to know about different security threats and
models and tools proposed.
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
A Study of Data Storage Security Issues in Cloud Computingvivatechijri
Cloudcomputingprovidesondemandservicestoitsclients.Datastorageisamongoneoftheprimaryservices providedbycloudcomputing.Cloudserviceproviderhoststhedataofdataownerontheirserverandusercan accesstheirdatafromtheseservers.Asdata,ownersandserversaredifferentidentities,theparadigmofdata storagebringsupmanysecuritychallenges.Anindependentmechanismisrequiredtomakesurethatdatais correctlyhostedintothecloudstorageserver.Inthispaper,wewilldiscussthedifferenttechniquesthatare usedforsecuredatastorageoncloud. Cloud computing is a functional paradigm that is evolving and making IT utilization easier by the day for consumers. Cloud computing offers standardized applications to users online and in a manner that can be accessed regularly. Such applications can be accessed by as many persons as permitted within an organization without bothering about the maintenance of such application. The Cloud also provides a channel to design and deploy user applications including its storage space and database without bothering about the underlying operating system. The application can run without consideration for on premise infrastructure. Also, the Cloud makes massive storage available both for data and databases. Storage of data on the Cloud is one of the core activities in Cloud computing. Storage utilizes infrastructure spread across several geographical locations.
Internal & External Attacks in cloud computing Environment from confidentiali...iosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Cloud Storage is a branch of Cloud Computing, which plays an important role in IT world. Cloud providers are providing a huge volume of storage space as per the user needs. Due to wide usage of this, it also increases data security issues and threats. Hence efforts are being made to encrypt the data stored in the cloud. In this paper, we are going to look at different encryption and auditing techniques that are used to avoid data breaching in cloud storage. Nikhil Sreenivasan ""Data Storage Issues in Cloud Computing"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-2 , February 2020,
URL: https://www.ijtsrd.com/papers/ijtsrd30194.pdf
Paper Url : https://www.ijtsrd.com/computer-science/computer-network/30194/data-storage-issues-in-cloud-computing/nikhil-sreenivasan
Establishing applications on on-demand infrastructures rather of building applica-tions on fixed and rigid infrastructures was provided by cloud computing provides. By merely exploiting into the cloud, initiatives can gain fast access to business applications or infrastructure resources with decreased Capital Expenditure (CAPEX). The more and more information is placed into the cloud by someone and initiatives, security issues begins to develop and raised. This paper discusses the different security issues that rise up about how secure the mo-bile cloud computing environment.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTUREIJNSA Journal
In a typical cloud computing diverse facilitating components like hardware, software, firmware,
networking, and services integrate to offer different computational facilities, while Internet or a private
network (or VPN) provides the required backbone to deliver the services. The security risks to the cloud
system delimit the benefits of cloud computing like “on-demand, customized resource availability and
performance management”. It is understood that current IT and enterprise security solutions are not
adequate to address the cloud security issues. This paper explores the challenges and issues of security
concerns of cloud computing through different standard and novel solutions. We propose analysis and
architecture for incorporating different security schemes, techniques and protocols for cloud computing,
particularly in Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) systems. The proposed
architecture is generic in nature, not dependent on the type of cloud deployment, application agnostic and
is not coupled with the underlying backbone. This would facilitate to manage the cloud system more
effectively and provide the administrator to include the specific solution to counter the threat. We have also
shown using experimental data how a cloud service provider can estimate the charging based on the
security service it provides and security-related cost-benefit analysis can be estimated.
Excellent Manner of Using Secure way of data storage in cloud computingEditor IJMTER
The major challenging issue in Cloud computing is Security. Providing Security is big issue
towards protecting data from third person as well as in Internet. This mainly deals the Security how it is
provided. Various type of services are there to protect our data and Various Services are available in Cloud
Computing to Utilize effective manner as Software as a Service (SaaS), Platform as a Service (PaaS),
Hardware as a Service (HaaS). Cloud computing is the use of computing resources (hardware and
software) that are delivered as a service over Internet network. Cloud Computing moves the Application
software and databases to the large data centres, where the administration of the data and services may not
be fully trustworthy that is in third party here the party has to get certified and authorized. Since Cloud
Computing share distributed resources via network in the open environment thus it makes new security
risks towards the correctness of the data in cloud. I propose in this paper flexibility of data storage
mechanism in the distributed environment by using the homomorphism token generation. In the proposed
system, users need to allow auditing the cloud storage with lightweight communication. While using
Encryption and Decryption methods it is very burden for a single processor. Than the processing
Capabilities can we utilize from Cloud Computing.
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...IJERA Editor
In this paper, SMCSaaS is proposed to secure email system based on Web Service and Cloud Computing
Model. The model offers end-to-end security, privacy, and non-repudiation of PKI without the associated
infrastructure complexity. The Proposed Model control risks in Cloud Computing like Insecure Application
Programming Interfaces, Malicious Insiders, Data Loss Shared Technology Vulnerabilities, or Leakage,
Account, Service, Traffic Hijacking and Unknown Risk Profile
Enhancing Data Storage Security in Cloud Computing Through SteganographyIDES Editor
in cloud computing data storage is a significant issue
because the entire data reside over a set of interconnected
resource pools that enables the data to be accessed through
virtual machines. It moves the application software’s and
databases to the large data centers where the management of
data is actually done. As the resource pools are situated over
various corners of the world, the management of data and
services may not be fully trustworthy. So, there are various
issues that need to be addressed with respect to the
management of data, service of data, privacy of data, security
of data etc. But the privacy and security of data is highly
challenging. To ensure privacy and security of data-at-rest in
cloud computing, we have proposed an effective and a novel
approach to ensure data security in cloud computing by means
of hiding data within images following is the concept of
steganography. The main objective of this paper is to prevent
data access from cloud data storage centers by unauthorized
users. This scheme perfectly stores data at cloud data storage
centers and retrieves data from it when it is needed.
Cloud Computing Using Encryption and Intrusion Detectionijsrd.com
Cloud computing provides many benefits to the users such as accessibility and availability. As the data is available over the cloud, it can be accessed by different users. There may be sensitive data of organization. This is the one issue to provide access to authenticated users only. But the data can be accessed by the owner of the cloud. So to avoid getting data being accessed by the cloud owner, we will use the intrusion detection system to provide security to the data. The other issue is to save the data backup in other cloud in encrypted form so that load balancing can be done. This will help the user with data availability in case of failure of one cloud.
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...Editor IJMTER
The Most great challenging in Cloud computing is Security. Here Security plays key role
in this paper proposed concept mainly deals with security at the end user access. While coming to the
end user access that are connected through the public networks. Here the end user wants to access his
application or services protected by the unauthorized persons. In this area if we want to apply
encryption or decryption methods such as RSA, 3DES, MD5, Blow fish. Etc.,
Whereas we can utilize these services at the end user access in cloud computing. Here there is
problem of encryption and decryption of the messages, services and applications. They are is lot of
time to take encrypt as well as decrypt and more number of processing capabilities are needed to use
the mechanism. For that problem we are introducing to use of cloud computing in SaaS model. i.e.,
scalable is applicable in this area so whenever it requires we can utilize the SaaS model.
In Cloud computing use of computing resources (hardware and software) that are delivered as a
service over Internet network. In advance earlier there is problem of using key size in various
algorithm like 64 bit it take some long period to encrypt the data.
Cloud computing security through symmetric cipher modelijcsit
Cloud computing can be defined as an application and services which runs on distributed network using
virtualized and it is accessed through internet protocols and networking. Cloud computing resources and
virtual and limitless and information’s of the physical systems on which software running are abstracted
from the user. Cloud Computing is a style of computing in which dynamically scalable and often virtualized
resources are provided as a service over the Internet. Users need not have knowledge of, expertise in, or
control over the technology infrastructure in the "cloud" that supports them. To satisfy the needs of the
users the concept is to incorporate technologies which have the common theme of reliance on the internet
Software and data are stored on the servers whereas cloud computing services are provided through
applications online which can be accessed from web browsers. Lack of security and access control is the
major drawback in the cloud computing as the users deal with sensitive data to public clouds .Multiple
virtual machine in cloud can access insecure information flows as service provider; therefore to implement
the cloud it is necessary to build security. Therefore the main aim of this paper is to provide cloud
computing security through symmetric cipher model. This article proposes symmetric cipher model in
order to implement cloud computing security so that data can accessed and stored securely.
Cloud computing is a model which uses the mixture concept of “software-as-a-service” and “utility computing”, and provides
various on-demand services in a convenient way requested end users. It is internet based where resources are shared and the
information is available for on demand service users. Security issue in Cloud computing is the important and critical issues
because the resources are distributed. Both the Cloud provider and the cloud consumer should be fully sure that the cloud is safe
enough from all the external threats so that the customer does not face any kind of problem like loss or theft of their valua ble
data. There is also a possibility where a malicious user can penetrate the cloud by imitate an authorized user, and affect with a
virus to the entire cloud and affects many customers who are sharing the infected cloud. In this paper we firstly lists the
parameters that affects the security of the cloud then it explores the security issues of cloud computing and the troubles faced by
providers and consumers about their data, privacy, and infected application and security issues. It also presents some security
solutions for tackling these issues and problems.
Trust based Mechanism for Secure Cloud Computing Environment: A Surveyinventionjournals
Ubiquitous computing has revolutionized interaction of humans and machines. Cloud computing has been mainly used for storing data and various computational purposes. It has changed the face of using the internet. But, as we know every technology has its pros and cons. Securing cloud environment is the most challenging issue for the researchers and developers. Main aspects which cloud security should cover are authentication, authorization, data protection etc. Establishing trust between cloud service providers (CSP) is the biggest challenge, when someone is discussing about cloud security. Trust is a critical factor which mainly depends on perception of reputation and self-assessment done by both user and CSP. The trust model can act as security strength evaluator and ranking service for cloud application and services. For establishing trust relationship between two parties, mutual trust mechanism is reliable, as it does verification from both sides. There are various trust models which mainly focuses on securing one party i.e., they validate either user or service node. In this survey paper, the study of various trust models and their various parameters are discussed.
Internal & External Attacks in cloud computing Environment from confidentiali...iosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Cloud Storage is a branch of Cloud Computing, which plays an important role in IT world. Cloud providers are providing a huge volume of storage space as per the user needs. Due to wide usage of this, it also increases data security issues and threats. Hence efforts are being made to encrypt the data stored in the cloud. In this paper, we are going to look at different encryption and auditing techniques that are used to avoid data breaching in cloud storage. Nikhil Sreenivasan ""Data Storage Issues in Cloud Computing"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-2 , February 2020,
URL: https://www.ijtsrd.com/papers/ijtsrd30194.pdf
Paper Url : https://www.ijtsrd.com/computer-science/computer-network/30194/data-storage-issues-in-cloud-computing/nikhil-sreenivasan
Establishing applications on on-demand infrastructures rather of building applica-tions on fixed and rigid infrastructures was provided by cloud computing provides. By merely exploiting into the cloud, initiatives can gain fast access to business applications or infrastructure resources with decreased Capital Expenditure (CAPEX). The more and more information is placed into the cloud by someone and initiatives, security issues begins to develop and raised. This paper discusses the different security issues that rise up about how secure the mo-bile cloud computing environment.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTUREIJNSA Journal
In a typical cloud computing diverse facilitating components like hardware, software, firmware,
networking, and services integrate to offer different computational facilities, while Internet or a private
network (or VPN) provides the required backbone to deliver the services. The security risks to the cloud
system delimit the benefits of cloud computing like “on-demand, customized resource availability and
performance management”. It is understood that current IT and enterprise security solutions are not
adequate to address the cloud security issues. This paper explores the challenges and issues of security
concerns of cloud computing through different standard and novel solutions. We propose analysis and
architecture for incorporating different security schemes, techniques and protocols for cloud computing,
particularly in Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) systems. The proposed
architecture is generic in nature, not dependent on the type of cloud deployment, application agnostic and
is not coupled with the underlying backbone. This would facilitate to manage the cloud system more
effectively and provide the administrator to include the specific solution to counter the threat. We have also
shown using experimental data how a cloud service provider can estimate the charging based on the
security service it provides and security-related cost-benefit analysis can be estimated.
Excellent Manner of Using Secure way of data storage in cloud computingEditor IJMTER
The major challenging issue in Cloud computing is Security. Providing Security is big issue
towards protecting data from third person as well as in Internet. This mainly deals the Security how it is
provided. Various type of services are there to protect our data and Various Services are available in Cloud
Computing to Utilize effective manner as Software as a Service (SaaS), Platform as a Service (PaaS),
Hardware as a Service (HaaS). Cloud computing is the use of computing resources (hardware and
software) that are delivered as a service over Internet network. Cloud Computing moves the Application
software and databases to the large data centres, where the administration of the data and services may not
be fully trustworthy that is in third party here the party has to get certified and authorized. Since Cloud
Computing share distributed resources via network in the open environment thus it makes new security
risks towards the correctness of the data in cloud. I propose in this paper flexibility of data storage
mechanism in the distributed environment by using the homomorphism token generation. In the proposed
system, users need to allow auditing the cloud storage with lightweight communication. While using
Encryption and Decryption methods it is very burden for a single processor. Than the processing
Capabilities can we utilize from Cloud Computing.
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...IJERA Editor
In this paper, SMCSaaS is proposed to secure email system based on Web Service and Cloud Computing
Model. The model offers end-to-end security, privacy, and non-repudiation of PKI without the associated
infrastructure complexity. The Proposed Model control risks in Cloud Computing like Insecure Application
Programming Interfaces, Malicious Insiders, Data Loss Shared Technology Vulnerabilities, or Leakage,
Account, Service, Traffic Hijacking and Unknown Risk Profile
Enhancing Data Storage Security in Cloud Computing Through SteganographyIDES Editor
in cloud computing data storage is a significant issue
because the entire data reside over a set of interconnected
resource pools that enables the data to be accessed through
virtual machines. It moves the application software’s and
databases to the large data centers where the management of
data is actually done. As the resource pools are situated over
various corners of the world, the management of data and
services may not be fully trustworthy. So, there are various
issues that need to be addressed with respect to the
management of data, service of data, privacy of data, security
of data etc. But the privacy and security of data is highly
challenging. To ensure privacy and security of data-at-rest in
cloud computing, we have proposed an effective and a novel
approach to ensure data security in cloud computing by means
of hiding data within images following is the concept of
steganography. The main objective of this paper is to prevent
data access from cloud data storage centers by unauthorized
users. This scheme perfectly stores data at cloud data storage
centers and retrieves data from it when it is needed.
Cloud Computing Using Encryption and Intrusion Detectionijsrd.com
Cloud computing provides many benefits to the users such as accessibility and availability. As the data is available over the cloud, it can be accessed by different users. There may be sensitive data of organization. This is the one issue to provide access to authenticated users only. But the data can be accessed by the owner of the cloud. So to avoid getting data being accessed by the cloud owner, we will use the intrusion detection system to provide security to the data. The other issue is to save the data backup in other cloud in encrypted form so that load balancing can be done. This will help the user with data availability in case of failure of one cloud.
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...Editor IJMTER
The Most great challenging in Cloud computing is Security. Here Security plays key role
in this paper proposed concept mainly deals with security at the end user access. While coming to the
end user access that are connected through the public networks. Here the end user wants to access his
application or services protected by the unauthorized persons. In this area if we want to apply
encryption or decryption methods such as RSA, 3DES, MD5, Blow fish. Etc.,
Whereas we can utilize these services at the end user access in cloud computing. Here there is
problem of encryption and decryption of the messages, services and applications. They are is lot of
time to take encrypt as well as decrypt and more number of processing capabilities are needed to use
the mechanism. For that problem we are introducing to use of cloud computing in SaaS model. i.e.,
scalable is applicable in this area so whenever it requires we can utilize the SaaS model.
In Cloud computing use of computing resources (hardware and software) that are delivered as a
service over Internet network. In advance earlier there is problem of using key size in various
algorithm like 64 bit it take some long period to encrypt the data.
Cloud computing security through symmetric cipher modelijcsit
Cloud computing can be defined as an application and services which runs on distributed network using
virtualized and it is accessed through internet protocols and networking. Cloud computing resources and
virtual and limitless and information’s of the physical systems on which software running are abstracted
from the user. Cloud Computing is a style of computing in which dynamically scalable and often virtualized
resources are provided as a service over the Internet. Users need not have knowledge of, expertise in, or
control over the technology infrastructure in the "cloud" that supports them. To satisfy the needs of the
users the concept is to incorporate technologies which have the common theme of reliance on the internet
Software and data are stored on the servers whereas cloud computing services are provided through
applications online which can be accessed from web browsers. Lack of security and access control is the
major drawback in the cloud computing as the users deal with sensitive data to public clouds .Multiple
virtual machine in cloud can access insecure information flows as service provider; therefore to implement
the cloud it is necessary to build security. Therefore the main aim of this paper is to provide cloud
computing security through symmetric cipher model. This article proposes symmetric cipher model in
order to implement cloud computing security so that data can accessed and stored securely.
Cloud computing is a model which uses the mixture concept of “software-as-a-service” and “utility computing”, and provides
various on-demand services in a convenient way requested end users. It is internet based where resources are shared and the
information is available for on demand service users. Security issue in Cloud computing is the important and critical issues
because the resources are distributed. Both the Cloud provider and the cloud consumer should be fully sure that the cloud is safe
enough from all the external threats so that the customer does not face any kind of problem like loss or theft of their valua ble
data. There is also a possibility where a malicious user can penetrate the cloud by imitate an authorized user, and affect with a
virus to the entire cloud and affects many customers who are sharing the infected cloud. In this paper we firstly lists the
parameters that affects the security of the cloud then it explores the security issues of cloud computing and the troubles faced by
providers and consumers about their data, privacy, and infected application and security issues. It also presents some security
solutions for tackling these issues and problems.
Trust based Mechanism for Secure Cloud Computing Environment: A Surveyinventionjournals
Ubiquitous computing has revolutionized interaction of humans and machines. Cloud computing has been mainly used for storing data and various computational purposes. It has changed the face of using the internet. But, as we know every technology has its pros and cons. Securing cloud environment is the most challenging issue for the researchers and developers. Main aspects which cloud security should cover are authentication, authorization, data protection etc. Establishing trust between cloud service providers (CSP) is the biggest challenge, when someone is discussing about cloud security. Trust is a critical factor which mainly depends on perception of reputation and self-assessment done by both user and CSP. The trust model can act as security strength evaluator and ranking service for cloud application and services. For establishing trust relationship between two parties, mutual trust mechanism is reliable, as it does verification from both sides. There are various trust models which mainly focuses on securing one party i.e., they validate either user or service node. In this survey paper, the study of various trust models and their various parameters are discussed.
Enhanced security framework to ensure data security in cloud using security b...eSAT Journals
Abstract Data security and Access control is a challenging research work in Cloud Computing. Cloud service users upload there private and confidential data over the cloud. As the data is transferred among the server and client, the data is to be protected from unauthorized entries into the server, by authenticating the user’s and provide high secure priority to the data. So the Experts always recommend using different passwords for different logins. Any normal person cannot possibly follow that advice and memorize all their usernames and passwords. That is where password managers come in. The purpose of this paper is to secure data from unauthorized person using Security blanket algorithm.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
nable applications provide as a services for the users
with low computational cost through internet. As we store data
and it also provide services in distributed environment. Cloud
ease its users by providing virtualization technology of resources
through internet. Cloud computing is the emerging field, due to
this reason the various new techniques are still developing. At
current scenario new security challenges were increases for cloud
professionals. Due to lack of security in cloud computing
environment user of cloud lost it trust in cloud. Multi-tenancy,
elasticity, Security Performance and Optimization, etc are
various security issues in cloud computing. In this paper we will
discuss some of the issue in cloud. This paper also discuss some of
the existing security technique for securing a cloud and help
researchers and professionals to know about various security
threats.
Cloud computing is set of resources and services offered through the Internet. Cloud
services are delivered from data centers located throughout the world. Cloud computing
facilitates its consumers by providing virtual resources via internet. The biggest challenge in
cloud computing is the security and privacy problems caused by its multi-tenancy nature and the
outsourcing of infrastructure, sensitive data and critical applications. Enterprises are rapidly adopting
cloud services for their businesses, measures need to be developed so that organizations can be assured
of security in their businesses and can choose a suitable vendor for their computing needs. Cloud
computing depends on the internet as a medium for users to access the required services at any time on
pay-per-use pattern. However this technology is still in its initial stages of development, as it suffers
from threats and vulnerabilities that prevent the users from trusting it. Various malicious activities
from illegal users have threatened this technology such as data misuse, inflexible access control and
limited monitoring. The occurrence of these threats may result into damaging or illegal access of
critical and confidential data of users. In this paper we identify the most vulnerable security
threats/attacks in cloud computing, which will enable both end users and vendors to know a bout
the k ey security threats associated with cloud computing and propose relevant solution directives to
strengthen security in the Cloud environment. We also propose secure cloud architecture for
organizations to strengthen the security.
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...IJTET Journal
Cloud computing provides the facility to access shared resources and common support which contributes services on
demand over the network to perform operations that meet changing business needs. A cloud storage system, consisting of a collection
of storage servers, affords long-term storage services over the internet. Storing the data in a third party cloud system cause serious
concern over data confidentiality, without considering the local infrastructure limitations, the cloud services allow the user to enjoy the
cloud applications. As the different users may be working in the collaborative relationship, the data sharing becomes significant to
achieve productive benefit during the data accessing. The existing security system only focuses on the authentication; it shows that
user’s private data cannot be accessed by the fake users. To address the above cloud storage privacy issue shared authority based
privacy-preserving authentication protocol is used. In the SAPA, the shared access authority is achieved by anonymous access request
and privacy consideration, attribute based access control allows the user to access their own data fields. To provide the data sharing
among the multiple users proxy re-encryption scheme is applied by the cloud server. The privacy-preserving data access authority
sharing is attractive for multi-user collaborative cloud applications.
Security threat issues and countermeasures in cloud computingJahangeer Qadiree
Cloud computing field has reached to the highest level of technical heights. The security problems of cloud computing hinders
its development. It is totally internet based technology where the resources and information shared on a distributed network. So
it is important for both provider as well as consumer to provide the security and trust to share the data for developing clou d
computing applications. Because now organizations are now moving fast towards the cloud. So there is the possibility of threats
that will harm the data on the cloud. In our paper we mainly focuses on security threats of cloud computing system also we
mention some solutions and countermeasures on these security problems
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...IJTET Journal
Cloud computing provides the facility to access shared resources and common support which contributes services on demand over the network to perform operations that meet changing business needs. A cloud storage system, consisting of a collection of storage servers, affords long-term storage services over the internet. Storing the data in a third party cloud system cause serious concern over data confidentiality, without considering the local infrastructure limitations, the cloud services allow the user to enjoy the cloud applications. As the different users may be working in the collaborative relationship, the data sharing becomes significant to achieve productive benefit during the data accessing. The existing security system only focuses on the authentication; it shows that user’s private data cannot be accessed by the fake users. To address the above cloud storage privacy issue shared authority based privacy-preserving authentication protocol is used. In the SAPA, the shared access authority is achieved by anonymous access request and privacy consideration, attribute based access control allows the user to access their own data fields. To provide the data sharing among the multiple users proxy re-encryption scheme is applied by the cloud server. The privacy-preserving data access authority sharing is attractive for multi-user collaborative cloud applications.
Security & privacy issues of cloud & grid computing networksijcsa
Cloud computing is a new field in Internet computing that provides novel perspectives in internetworking
technologies. Cloud computing has become a significant technology in field of information technology.
Security of confidential data is a very important area of concern as it can make way for very big problems
if unauthorized users get access to it. Cloud computing should have proper techniques where data is
segregated properly for data security and confidentiality. This paper strives to compare and contrast cloud
computing with grid computing, along with the Tools and simulation environment & Tips to store data and
files safely in Cloud.
Ant colony Optimization: A Solution of Load balancing in Cloud dannyijwest
As the cloud computing is a new style of computing over internet. It has many advantages along with some
crucial issues to be resolved in order to improve reliability of cloud environment. These issues are related
with the load management, fault tolerance and different security issues in cloud environment. In this paper
the main concern is load balancing in cloud computing. The load can be CPU load, memory capacity,
delay or network load. Load balancing is the process of distributing the load among various nodes of a
distributed system to improve both resource utilization and job response time while also avoiding a
situation where some of the nodes are heavily loaded while other nodes are idle or doing very little work.
Load balancing ensures that all the processor in the system or every node in the network does
approximately the equal amount of work at any instant of time. Many methods to resolve this problem has
been came into existence like Particle Swarm Optimization, hash method, genetic algorithms and several
scheduling based algorithms are there. In this paper we are proposing a method based on Ant Colony
optimization to resolve the problem of load balancing in cloud environment.
Trust Assessment Policy Manager in Cloud Computing – Cloud Service Provider’s...idescitation
Cloud computing is a model for enabling convenient, on-demand network access
to a shared pool of configurable computing resources. Reliability in compute cloud is an
important aspect in Quality of Service which needs to be addressed in order to foster the
adoption of compute cloud. In today’s integrated environment the distributed systems is
employed to carry out computational intensive task at a faster rate without much
investment. The Cloud is a multitenant architecture which allows faster computation with
high scalability at a lower cost thereby the users can share the same physical infrastructure.
Individual customers deploy their applications in such environment will occupy the virtual
partitions on the platform. This paper describes a straightforward procedure to analyze the
reliability of the application from the view point of the resource provider. A trust
component is implemented to provide preventive control and to mitigate the occurrence of
any non-permissible action by using the detective mechanism. Such mechanisms are used to
identify the privacy risk and it further prevents from utilization. Hence, in this paper trust
assessment is performed before the user is allowed to share the multitenant infrastructure.
The cloud can provide scalable and reliable service for the legitimate users. The proposed
work is tested using tools Aneka and Globus Toolkit.
This presentation gives a detailed overview about Cloud Computing, its features and challenges faced by it in the market. It gives an insight into cloud security and privacy issues and its measures.
An efficient and secure data storage in cloud computing using modified RSA pu...IJECEIAES
Cloud Computing is the ability to improve the utility or train new human resources without investing in new infrastructure, or add capabilities to existence without the latest software licensing. It expanded the capabilities of Information Technology (IT). From the past few years, cloud computing has developed from a good business concept in the best rising sectors of the IT industry. But more information on individuals and companies was put in the cloud, and concerns began to think about how secure the cloud environment was. Despite cloud surrounding structures, enterprise users still do not want to expand their business in the cloud. Security reduces the growth of cloud computing and continues to spread the market with complexity with data privacy and data protection. The security of cloud computing has constantly been an significant aspect of improved quality of service from cloud service providers. Data storage in the cloud has a problem related to data security. However, cloud computing construct many new security challenges which have not been well examine. In order to ensure that the user's data in the cloud is secure, we have proposed an effective mechanism with a distinctive feature of data integrity and privacy. This paper focusing on problems relating to the cloud data storage techniques and security in virtual environment. We recommend a method for providing data storage and security in cloud using public key Cryptosystem, which uses the concept of the modified RSA algorithm to provide better security for the data stored in the cloud.
Cloud data security and various cryptographic algorithms IJECEIAES
Cloud computing has spread widely among different organizations due to its advantages, such as cost reduction, resource pooling, broad network access, and ease of administration. It increases the abilities of physical resources by optimizing shared use. Clients’ valuable items (data and applications) are moved outside of regulatory supervision in a shared environment where many clients are grouped together. However, this process poses security concerns, such as sensitive information theft and personally identifiable data leakage. Many researchers have contributed to reducing the problem of data security in cloud computing by developing a variety of technologies to secure cloud data, including encryption. In this study, a set of encryption algorithms (advance encryption standard (AES), data encryption standard (DES), Blowfish, Rivest-Shamir-Adleman (RSA) encryption, and international data encryption algorithm (IDEA) was compared in terms of security, data encipherment capacity, memory usage, and encipherment time to determine the optimal algorithm for securing cloud information from hackers. Results show that RSA and IDEA are less secure than AES, Blowfish, and DES). The AES algorithm encrypts a huge amount of data, takes the least encipherment time, and is faster than other algorithms, and the Blowfish algorithm requires the least amount of memory space.
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...Amil Baba Dawood bangali
Contact with Dawood Bhai Just call on +92322-6382012 and we'll help you. We'll solve all your problems within 12 to 24 hours and with 101% guarantee and with astrology systematic. If you want to take any personal or professional advice then also you can call us on +92322-6382012 , ONLINE LOVE PROBLEM & Other all types of Daily Life Problem's.Then CALL or WHATSAPP us on +92322-6382012 and Get all these problems solutions here by Amil Baba DAWOOD BANGALI
#vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore#blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #blackmagicforlove #blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #Amilbabainuk #amilbabainspain #amilbabaindubai #Amilbabainnorway #amilbabainkrachi #amilbabainlahore #amilbabaingujranwalan #amilbabainislamabad
Saudi Arabia stands as a titan in the global energy landscape, renowned for its abundant oil and gas resources. It's the largest exporter of petroleum and holds some of the world's most significant reserves. Let's delve into the top 10 oil and gas projects shaping Saudi Arabia's energy future in 2024.
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxR&R Consult
CFD analysis is incredibly effective at solving mysteries and improving the performance of complex systems!
Here's a great example: At a large natural gas-fired power plant, where they use waste heat to generate steam and energy, they were puzzled that their boiler wasn't producing as much steam as expected.
R&R and Tetra Engineering Group Inc. were asked to solve the issue with reduced steam production.
An inspection had shown that a significant amount of hot flue gas was bypassing the boiler tubes, where the heat was supposed to be transferred.
R&R Consult conducted a CFD analysis, which revealed that 6.3% of the flue gas was bypassing the boiler tubes without transferring heat. The analysis also showed that the flue gas was instead being directed along the sides of the boiler and between the modules that were supposed to capture the heat. This was the cause of the reduced performance.
Based on our results, Tetra Engineering installed covering plates to reduce the bypass flow. This improved the boiler's performance and increased electricity production.
It is always satisfying when we can help solve complex challenges like this. Do your systems also need a check-up or optimization? Give us a call!
Work done in cooperation with James Malloy and David Moelling from Tetra Engineering.
More examples of our work https://www.r-r-consult.dk/en/cases-en/
Vaccine management system project report documentation..pdfKamal Acharya
The Division of Vaccine and Immunization is facing increasing difficulty monitoring vaccines and other commodities distribution once they have been distributed from the national stores. With the introduction of new vaccines, more challenges have been anticipated with this additions posing serious threat to the already over strained vaccine supply chain system in Kenya.
COLLEGE BUS MANAGEMENT SYSTEM PROJECT REPORT.pdfKamal Acharya
The College Bus Management system is completely developed by Visual Basic .NET Version. The application is connect with most secured database language MS SQL Server. The application is develop by using best combination of front-end and back-end languages. The application is totally design like flat user interface. This flat user interface is more attractive user interface in 2017. The application is gives more important to the system functionality. The application is to manage the student’s details, driver’s details, bus details, bus route details, bus fees details and more. The application has only one unit for admin. The admin can manage the entire application. The admin can login into the application by using username and password of the admin. The application is develop for big and small colleges. It is more user friendly for non-computer person. Even they can easily learn how to manage the application within hours. The application is more secure by the admin. The system will give an effective output for the VB.Net and SQL Server given as input to the system. The compiled java program given as input to the system, after scanning the program will generate different reports. The application generates the report for users. The admin can view and download the report of the data. The application deliver the excel format reports. Because, excel formatted reports is very easy to understand the income and expense of the college bus. This application is mainly develop for windows operating system users. In 2017, 73% of people enterprises are using windows operating system. So the application will easily install for all the windows operating system users. The application-developed size is very low. The application consumes very low space in disk. Therefore, the user can allocate very minimum local disk space for this application.
Forklift Classes Overview by Intella PartsIntella Parts
Discover the different forklift classes and their specific applications. Learn how to choose the right forklift for your needs to ensure safety, efficiency, and compliance in your operations.
For more technical information, visit our website https://intellaparts.com
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Dr.Costas Sachpazis
Terzaghi's soil bearing capacity theory, developed by Karl Terzaghi, is a fundamental principle in geotechnical engineering used to determine the bearing capacity of shallow foundations. This theory provides a method to calculate the ultimate bearing capacity of soil, which is the maximum load per unit area that the soil can support without undergoing shear failure. The Calculation HTML Code included.
Courier management system project report.pdfKamal Acharya
It is now-a-days very important for the people to send or receive articles like imported furniture, electronic items, gifts, business goods and the like. People depend vastly on different transport systems which mostly use the manual way of receiving and delivering the articles. There is no way to track the articles till they are received and there is no way to let the customer know what happened in transit, once he booked some articles. In such a situation, we need a system which completely computerizes the cargo activities including time to time tracking of the articles sent. This need is fulfilled by Courier Management System software which is online software for the cargo management people that enables them to receive the goods from a source and send them to a required destination and track their status from time to time.
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdffxintegritypublishin
Advancements in technology unveil a myriad of electrical and electronic breakthroughs geared towards efficiently harnessing limited resources to meet human energy demands. The optimization of hybrid solar PV panels and pumped hydro energy supply systems plays a pivotal role in utilizing natural resources effectively. This initiative not only benefits humanity but also fosters environmental sustainability. The study investigated the design optimization of these hybrid systems, focusing on understanding solar radiation patterns, identifying geographical influences on solar radiation, formulating a mathematical model for system optimization, and determining the optimal configuration of PV panels and pumped hydro storage. Through a comparative analysis approach and eight weeks of data collection, the study addressed key research questions related to solar radiation patterns and optimal system design. The findings highlighted regions with heightened solar radiation levels, showcasing substantial potential for power generation and emphasizing the system's efficiency. Optimizing system design significantly boosted power generation, promoted renewable energy utilization, and enhanced energy storage capacity. The study underscored the benefits of optimizing hybrid solar PV panels and pumped hydro energy supply systems for sustainable energy usage. Optimizing the design of solar PV panels and pumped hydro energy supply systems as examined across diverse climatic conditions in a developing country, not only enhances power generation but also improves the integration of renewable energy sources and boosts energy storage capacities, particularly beneficial for less economically prosperous regions. Additionally, the study provides valuable insights for advancing energy research in economically viable areas. Recommendations included conducting site-specific assessments, utilizing advanced modeling tools, implementing regular maintenance protocols, and enhancing communication among system components.
Democratizing Fuzzing at Scale by Abhishek Aryaabh.arya
Presented at NUS: Fuzzing and Software Security Summer School 2024
This keynote talks about the democratization of fuzzing at scale, highlighting the collaboration between open source communities, academia, and industry to advance the field of fuzzing. It delves into the history of fuzzing, the development of scalable fuzzing platforms, and the empowerment of community-driven research. The talk will further discuss recent advancements leveraging AI/ML and offer insights into the future evolution of the fuzzing landscape.
Student information management system project report ii.pdfKamal Acharya
Our project explains about the student management. This project mainly explains the various actions related to student details. This project shows some ease in adding, editing and deleting the student details. It also provides a less time consuming process for viewing, adding, editing and deleting the marks of the students.
TECHNICAL TRAINING MANUAL GENERAL FAMILIARIZATION COURSEDuvanRamosGarzon1
AIRCRAFT GENERAL
The Single Aisle is the most advanced family aircraft in service today, with fly-by-wire flight controls.
The A318, A319, A320 and A321 are twin-engine subsonic medium range aircraft.
The family offers a choice of engines
Gen AI Study Jams _ For the GDSC Leads in India.pdf
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
1. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.4, July 2011
DOI : 10.5121/ijnsa.2011.3405 48
SECURITY APPREHENSIONS IN
DIFFERENT REGIONS OF CLOUD
CAPTIOUS GROUNDS
Gurdev Singh1
Amit Sharma2
Manpreet Singh Lehal3
1
Department of Computer Science and Engineering, Eternal University,
Baru Sahib, Sirmour, HP (India)
singh.gndu@gmail.com
2
Department of Computer Science and Engineering, Eternal University,
Baru Sahib, Sirmour, HP (India)
amitsh2701@gmail.com
3
Department of Computer Science and Engineering, Lyallpur Khalsa College,
Jalandhar, Punjab (India)
lkcmanpreet@hotmail.com
ABSTRACT
Cloud computing is a new innovative model for enterprise in which information is permanently stored on
the servers and also manage how and when different resources are allocate to the requested users. It
provides distributed approach through which resources are allocated dynamically to the users without
investing in the infrastructure or licensing the software’s on the client side. Using the cloud makes
processing of information is more commodious but it also present them with new security problems about
reliability.This phenomenon introduces serious problems regarding access mechanism to any information
stored in the database and resources in the cloud. For the successful implementation of cloud computing
it is necessary that we must know different areas where the security is needed. For this there should also
governess strategy needed for secure communication between multi-clouds located in different
geographical areas or in different countries. In this paper we discuss how to safely utilizing the benefit of
cloud computing through the network where data security, provide authentication, integration, recovery,
IP spoofing and Virtual Servers are the most captiousfields in the cloud.
KEYWORDS
Cloud Computing, Data Security, Secure Servers, Secure Network.
1. INTRODUCTION
Cloud computing is on demand model that covers virtualization concept used in physical
servers. It offers an innovative model for enterprise to dynamically emerging applications and
delivers a large pool of scalable resources to users [2], [16].Clouds are a large pool of easily
accessible and usable virtualized resources (such as development platforms, hardware, and/or
services)[14].Cloud computing provides the next generation of internet-based, highly
scalable distributed computing systems in which computational resources are offered ‘as a
service’. It is a natural evolution of the widespread adoption of virtualization, service-oriented
architecture, autonomic and utility computing. Details are abstracted from end-users, who no
longer have need for expertise in, or control over, the technology infrastructure in the cloud that
supports them.
In a cloud computing system, there is a significant workload shift. Normal systems no longer
have to do all the heavy lifting when it comes to running applications. Using the Cloud
Computing model hardware and software demands on the user's side decrease. There is only
2. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.4, July 2011
49
need a cloud computing software which provide mediation layer or interface software, that is
Web browser to access the cloud.
Cloud has centralized server administration system. Centralized server administers the system,
balances the load between clients according to demands, monitors traffic and avoids congestion.
Servers in the cloud use protocols called middleware that controls the communication of cloud
network among them. With cloud computing different types of users can access different
resources and applications via the internet from anywhere. For the successful implementation of
cloud computing in the organization require proper planning and understanding the threats,
vulnerabilities and security. In cloud computing we can share different resources and
applications via the network in open environment, thus it makes security problems for us to
develop the secure cloud [12]. Security problems become more complicated in cloud computing
when we entered into the environment such as multi-tenancy, secure distributes environment,
data security, server virtualization and provide authentication[7].
"Multi-tenancy" is for the benefit of the service provider so they can manage the resource
utilization more efficiently [18]. Multi-tenancy implies sharing of computational resources,
storage, services, and applications with other tenants.Unlike previous computing models,
that uses dedicated resources to dedicated user, cloud computing is based on a business model in
which resources are shared at the network, host and application level. To provide security in
multi-tenancy there should be isolation among tenants’ data to avoid attacks that attempt to
co-locate with the victim assets.
Our main goal is to maintaining security without any loss of information. So we can achieve
this, when any user sends request to server then user has to first register himself and after that
login with its username and password that was provided to him. The security is provided when
data is accessed in isolation, identify the user activities, provide secure mechanism to access
server, some mechanism to track the forged IP and provide some laws for the successful
implementation of the cloud.
2. DATA SECURITY IN THE CLOUD
Organizations are aware about the importance of securing their information systems
to guarantee basic security requirements,i.e.Confidentiality and Availability [15]. The
enterprise/personal that adopts the service of cloud computing, firstly the necessary condition is
that both of the server and database on the front end must be trusted has to be satisfied [1]. With
the increasing popularity of enterprise cloud computing and its public connectivity via the
internet it is thenext frontier for viruses, worms, hackers and cyber-terrorists to start probing and
attacking [8].
Software as a Service located on the top layer, cloud storage is always an important key factor
for implement the application of cloud computing. Especially, the storage resource of the
Infrastructure as a Service on the bottom layer is the most important factor for supporting the
regular operation of networking service. This proposal gives more tractability to access data
through web based application that provide interface to users in anytime at anywhere through
network. While accessing these features in the cloud the main thing is security when accessing
data online. However, data security on the cloud side is not only focused on the process of data
transmission, but also the system security and data protection for those data stored on the
storages of the cloud side [1]. In the following, some consideration regarding the security issues
are to be focused.
2.1 Storage and system protection
Database can be defined as the capability of a system to provide reliable service even if any
attack takes place. Security in the storage database is the concurrent existence of:
3. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.4, July 2011
50
2.1.1 Availability
The cloud provider might, additionally, replicate the data at multiple locations across countries
for the purposes of maintaining high availability [3]. The use of high availability is closely
related with disaster recovery.Availability refers to the property of a system being accessible
and usable upon demand by an authorized entity. Availability refers to data, software but also
hardware being available to authorized users upon demand [4].
2.1.2 Integrity
Data integrity is one of the most critical elements in any system. Data integrity in the system is
maintained via database constraints and transactions. Transactions should follow atomicity,
consistency, isolation and durability properties to ensure data integrity. The lack of integrity
controls at the data level could result in unplumbed problems. Developers need to approach this
danger cautiously, making sure they do not compromise databases’ integrity in their zeal to
move to cloud computing [3]. In addition, the service provider must present the assurance of
data integrity for the clients[1].
2.2 Data protection
The purpose of data protection legislation is to ensure that personal data is not processed
without the knowledge and, except in certain cases, the consent of the data subject, to ensure
that personal data which is processed is accurate, and to enforce a set of standards for the
processing of such information. For those data stored on the service provider of the cloud side
must not be accessed by unauthorized user and there should beseparate access mechanism for
the employees of the service provider without authorization and authentication of request that
presented by the user of the client side. Authorization becomes a challenge, especially when
systems and participants get numerous, when interconnected applications evolve dynamically
[26].Figure 1 shows intruder attack in the Cloud Database. In addition, the service provider
must present the assurance of data protection for the client. The main data protection risks to
your business are loss of data by third-party service providers are:
• unauthorized access to your data
• malicious activities targeting your service provider - e.g. hacking or viruses
• poor internal IT security compromising data protection [25]
Figure1. Intruder attack
2.3 Recovery
Every service provider in cloud computing should have a disaster recovery protocol to protect
user data. Disaster recovery capabilities are built into cloud computing environments and
on-demand resource capacity can be used for better resilience when facing increased service
demands or distributed denial of service attacks, and for quicker recovery from serious
incidents[13].
4. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.4, July 2011
51
2.4 Update process
The data stored in the cloud may be frequently updated by the users, including insertion,
updating, appending etc. It is important to check correctness of data that is updated by user
under the dynamic process. It is ensure that data is updated frequently and inform to the
customers immediately that these changes have been made. It also affects the configuration that
affects the instances in the cloud because when data has been updated then there is also
necessary to secure that data so that data are in consistent state and saved correctly in proper
place and provided to the customers. If any intruder enters in the cloud and copied that data then
the customer may not know, because data have been widely spread throughout the network.
Unless the cloud provider has developed some sort of monitoring software which can
group/sort processes which have occurred for each user then this could be a large security
risk and make attacking clouds even more attractive for cyber criminals [2].
2.5 Data Isolation
All data entering in the cloud provider’s environment is encrypted with customer-controlled
keys; the data is isolated from processes and changes implemented by the cloud provider [17].
In database systems, isolation is a property that defines how/when the changes made by one
operation become visible to other concurrent operations [19]. For an application to run safely in
a public cloud, it needs to be isolated from the environment around it at all times. This isolation
is not just a matter of keeping protecting data and applications from threats, but also keeping
things such that unwanted changes by the cloud provider that could compromise your existing
security process [20].For deployed applications, it includes records and other content created or
used by the applications, as well as account information about the users of the applications.
Cloud providers need to ensure isolation of access - that software, data and services can
be safely partitioned within the cloud and that tenants sharing physical facilities cannot tap
into their neighbors proprietary information and applications[6].
2.6 Data Sanitization
Sanitization is the removal of sensitive data from a storage device in various situations,
such as when a storage device is removed from service or moved elsewhere to be stored.
Data sanitization also applies to backup copies made for recovery and restoration of service,
and also residual data remaining upon termination of service[11].In a cloud computing
environment, data from one subscriber is physically commingled with the data of other
subscribers, which can complicate matters. For instance, many examples exist of
researchers obtaining used drives from online auctions and other sources and recovering
large amounts of sensitive information from them. With the proper skills and equipment, it is
also possible to recover data from failed drives that are not disposed of properly by cloud
providers.
2.7 Note the Client’s Behavior
There are different types of user and different user’s access different data from the databases in
the cloud. It should be difficult to find that which user have access which type of information,
so it is necessary to find the activity of the user because data stored in the cloud may be
personal. When user want to access data in the cloud firstly to provide some identity to user.
When the user login in the cloud computing environment his identity should be recorded and
verify firstly. If the user is authorized then he will be allowed to enter in the cloud, if user is
unauthorized then there is no permission to enter in the cloud and access information in the
cloud. If the identity matches then provide the access to user and also note his behavior using
log files in separate system in the cloud. If user behavior like trespasser then they will be
tracked and punished with the cloud legal and regulatory services rules. In order to achieve the
5. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.4, July 2011
52
trusted computing in the cloud computing system, we should have the mechanism to know not
only what the participants can do, but also what the participant have done. So the monitoring
function should be integrated into the cloud computing system to supervise the participant’s
behavior [12].
Access controls are one means to keep data away from unauthorized users; encryption is
another. Access controls are typically identity-based, which makes authentication of the user’s
identity an important issue in cloud computing[11].
Figure 2. Access control mechanism
3. SECURE SERVERS
Hypervisor is the “virtualizer” that maps from physical resources to virtualized resources and
vice versa. This virtualization not only reduces the system cost but also can dramatically
reduce the installation space of physical readers and the operation cost[24]. It is the main
controller of any access to the physical server resources by Virtual Machines[10].Over the
last several years, virtualization has become a fundamental technology in cloud computing and
enabled cloud computing platforms to dynamically allocate virtual machines as scalable Internet
services. However, Virtual Machine technology is going main stream in the IT industry, security
of VMs becomes the significant concern. Virtualization brings a more complex and risky
security environment [7].
3.1 Denial of service (DOS) vulnerabilities
A denial-of-service attack (DoS attack) is attempts to make computer resources are unavailable
to its intended users [21]. The resources are unavailable to users when attacker sends large
volume of malicious packets which legitimate the user to access the services. In virtualization
environment, services such as CPU, memory, disk and network are shared by VMs and the host.
So it is possible that a DOS will be imposed to Virtual Machines which correspondingly take all
the possible resources from the host. As a result, the system will deny any request from the
guests because of no resources available [7]. Therefore our prime concern is to find out the no
of packets being malicious in the legitimate requests and then mitigates them by an appropriate
mechanism.
3.2 Spoofing virtual network
IP Spoofingis a technique of hijacking browsers by redirecting the Internet user to a falsified
website. The interloper has the ability to fissure several networks in order to do this crime. In
the route mode, route plays a role as a “virtual switch”. The virtual switch uses a dedicated
6. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.4, July 2011
53
virtual interface to connect each VM. In this case, a VM can do an Address Resolution Protocol
(ARP) spoofing, redirecting packets to them and be able to sniff packets going to and coming
from other VMs [7].
Figure 3. Spoofing IP in Virtual Network
Figure shows spoofing of IP in virtual Environment. A virtual route starts up and initializes the
routing table by sending an ARP command to each VM in boot time. In this example, Virtual
Machine2 makes an ARP spoofing attack. It forged a same IP address with Virtual Machine1
and sent an ARP to the virtual route. The virtual route will update the routing table information
when it receives the ARP request from Virtual Machine2 [7].
One way to handle this problem we can use authentication based on key exchange between the
machines on your network; something like Internet Protocol Security(IPSec) will overcomethe
risk of spoofing.Internet Protocol Security is a protocol suite for securing Internet Protocol (IP)
communications by authenticating and encrypting each IP packet of a communication session.
4. SECURITIES DURING TRANSMISSION
Using Cloud reduce the cost, greater flexibility and dynamic allocation of the resources provide
greater advantages for the users but despite these advantages there are also challenges when
transmit data from cloud to user and one cloud to other cloud. So there are mechanisms to
provide security during transmission that are as under
4.1 Provide Authentication
In cloud computing environment, different users from different origin can appeal to join the
Cloud. Then the first step is to prove their identities to the cloud computing system
administrator. Because in cloud computing different users demand different resources and other
applications, so the authentication is important and it is difficult process. It should be ensuring
that administrator has different access mechanism and users have different access mechanism. If
access is granted to the administrator, it does not necessarily mean access is granted to other
users.
Our main goal is to maintaining security without any loss of information. So we can achieve
this, firstly when any user sends request to server then user has to first register himself and after
that login with its username and password that was provided to him. If the user is valid then
server creates its log file that contains the information regarding its login and role of
information accessed. After this process there should be encryption scheme with keys that the
server creates unique key and send to client for the decryption. Then the client decrypts data
with this key[5]. It is very important in this type of shared environment to properly and securely
authenticate system users and administrators, and provide them with access to only the
resources they need to do their jobs or the resources that they own within the system.
7. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.4, July 2011
54
For all of the enterprises, the management of user’s accounts is very important and must be
strictly defined. A lot of enterprises usually confront the problem of user account such as the
adoption of single sign on or each employee will be dispatched some different accounts to
access different systems. Thus, multi-authentication for each employee might be very often to
be confronted in an enterprise. Those accounts that come along with each individuals might be
the same or different. Therefore, it is very difficult for the administrator to manage those user’s
identification accounts. Through the implement of Identity and Access Management, every
enterprise could easily establish a managing mechanism to achieve the goal of user
identification, authentication, and authorization simultaneously [1].
4.2 Network Security
As for large size enterprises or business corporations, in order to assure the use of the
application of cloud computing, the service providers of cloud computing had better construct a
model that utilizing the network communication with the enterprise. In addition, the encryption
system and authenticating mechanism must be compulsive to maintain the information security
in the process of communication [1].
Figure 4. Virtual Firewall
Figure 4 shows virtual Firewall thatsupports filtering of packets, traffic management and access
control. In this way, it can mitigate the risks of viruses, worms, Trojans, and inappropriate use
in a virtual environment in the same way that a physical firewall could mitigate those risks if
every physical server was directly connect to a physical firewall[32]. A virtual Firewall provides
multiple logical firewalls for multiple networks on a single system. Using Virtual Firewall you
can control bandwidth utilization of each virtual machine in your infrastructure, preventing
overutilization and denial of service to critical applications.
5. CLOUD LEGAL AND REGULATORY SERVICES
With cloud computing, sometimes it is possible that physical location of data is spread across
different regions and countries. The main problem with this widely spread data across different
countries is that they have different laws to that data on the cloud and that could be a big
issue if the host country does not have adequate laws to protect sensitive data[8].
Enterprises should require that the cloud computing provider store and process data in specific
jurisdictions and should obey the security rules of those jurisdictions.
The majority of respondents believed that data should not encounter compatibility problems if
transported across different cloud providers if necessary, and the service level agreement should
contain details about such transfer of data [22].Therefore it reveals a clear need for Cloud
Computing customers to include specific clauses in their services agreement that prohibit the
8. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.4, July 2011
55
provider from monitoring the customer's data usage or using this information for any purpose
other than providing services to the customer.
6. ASSOCIATION OF SECURITY AMONG MULTI-CLOUDS
In Cloud Computing when customer wants to access data from different cloud then according
the services provided from different clouds there must be security provided on both the clouds
so that there is no loss of data during transfer. The same case when multiple clouds integrate
together to deliver a bigger pool of resources or integrated services, their security
requirements needs to be federated and enforced on different involved cloud platforms
[10].
An SLA represents the understanding between the cloud subscriber and cloud provider about
the expected level of service to be delivered and, in the event that the provider fails to deliver
the service at the level specified, the compensation available to the cloud subscriber [13].In
addition, an enterprise that use the application of cloud computing must have Service Level
Agreement (SLA). In SLA is an agreement that records the services provides to user, guarantee
and responsibility in the cloud so that information will not be access by any unauthorized user.
7. CLOUD ACCESS SECURITY
In order to assure the information security and data integrity, Hypertext Transfer Protocol
Secure (HTTPS) and Secure Shell (SSH) are the most common adoption [1].SSL (Secure
Socket Layer) delivery, or https, encrypts your data in transit as it goes through the Content
Distributed Network. Your content remains encrypted all the way from the origin servers out to
the browser. You can choose to serve your content over SSL on a per object basis simply by
using your SSL (Secure Socket Layer) URL [23].
VPN and FTP in case of VMs and storage services, Security controls should target
vulnerabilities related to these protocols to protect data transferred between the cloud platform
and the consumers [10].
8. CONCLUSION
Cloud computing is one of the bright model for both cloud providers and consumers. There are
many advantages using cloud computing model but despite these advantages there are also
challenges-specifically, security challenges in the cloud. We need to immobilize all the areas
where security must be needed for accessing the information and sharing the resources. In this
paper we discuss the most common unaddressed security areas in the cloud computing. For the
secure environment in the cloud we need to provide some authentication mechanism for
accessing the information as well as accessing the resources and also there should be system
that monitor whole process and save the log files in that system. Though there are many
concerns regarding dynamic allocation and information storage security my research much more
concern to derive the areas where security needed.
9. REFERENCES
[1] Chang-Lung Tsai, Uei-Chin Lin, (2011) “Information Security of Cloud Computing for Enterprises”,
Advances on Information Sciences and Service Sciences. Volume 3, Number 1, February 2011.
[2] Sean Carlin, Kevin Curran,( 2011) “Cloud Computing Security”, International Journal of Ambient
Computing and Intelligence, Vol. 3, No. 1, pp:38-46, April-June 2011, ISSN: 1941-6237, IGI
Publishing.
[3] S. Subashini, V. Kavitha, (2011) “A survey on security issues in service delivery models of cloud
computing”, Journal of Network and Computer Applications 34 (2011) 1–11.
10. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.4, July 2011
57
[24]Shin-ichiKuribayashi and Yasunori Osana, (2010) “System Virtualization and Efficient ID
Transmission Method for RFID Tag Infrastructure Network”, International Journal of
Computer Networks & Communications (IJCNC) Vol.2, No.6, November 2010.
[25]“Dataprotectionandcloudcomputing” http://www.businesslink.gov.uk/bdotg/action/detail?itemId
=1084 89193&type=RESOURCES
[26]Ulrich Lang, (2010) “OpenPMFSCaaS: Authorization as a Service for Cloud & SOA Applications”,
2nd IEEE International Conference on Cloud Computing Technology and Science 2010.
Authors
Dr. Gurdev Singh was born in 1982 in Amritsar, India. He received his M.Sc. in
Mathematics in 2002, M.Tech. in information Technology in 2004 and Ph.D. in 2010.
Presently, He is working as Associate Professor & Head, Department of Computer
Science & Engineering, Eternal University,Baru Sahib, Himachal Pradesh, India. In
addition he has the responsibilities of Assistant Dean of Studies, Assistant Controller
of examination, Eternal University, Baru Sahib. He is also heading “Chhina Insurance
Agency” as ‘Director of Technology’ at P.O. Box 964, Manteca, CA 95336, USA.
During his work for 7 years, he has numerous challenging assignments to his credit, in
the areas of Computer Science. He has chaired many technical sessions in National seminars and
conferences. He had worked on various software engineering projects. His research interest includes
Software Testing, Cloud Security and Quality Insurance.
Amit Sharma received his B.Tech degree in Computer Science & Engineering. in
2008 from Kurkshetra University and pursuing M.Tech (part time) in Computer
Science and Engineering at Eternal University, Baru Sahib (H.P). He is currently a
Lecturer in department of Computer Science & Engineering at Eternal University
(www.eternaluniversity.edu.in), Baru Sahib (H.P). He has a total experience of 2 years
in teaching. His research interests include Cloud Computing Security, Software
Engineering and Network Security.
Manpreet Singh Lehal received his M.Sc. in Mathematics in 2002, M.Tech. in
information Technology in 2004. He is presently working as Assistant Professor, Post
Graduate Department of Computer Science, Lyallpur Khalsa College, Jalandhar, and
Punjab, India. He has more than 6 years of experience in teaching. His areas of interest
are computer graphics, fuzzy logic and cloud Computing. He worked on a number of
major and minor projects.