This document summarizes a research paper on security issues related to cloud computing for micro, small, and medium enterprises (MSMEs). The paper discusses how MSMEs have started adopting cloud computing solutions to improve operations and cope with challenges from increasing competition. While cloud computing provides benefits like efficient applications and flexibility, security poses challenges when storing data remotely with unknown providers. The paper focuses on analyzing security risks for MSMEs adopting cloud technologies and identifying their needs, requirements, and expectations around cloud computing services.
A traditional computing environment requires a costly
infrastructure to offer a better service to users. The introduction
of cloud computing has changed the working environment from
traditional to virtual. A larger number of IT companies are
utilizing the cloud. On the one hand, the cloud attracts more
number of consumers by offering services with minimized
capital cost and virtual infrastructure. On the other hand, there
are a risk and security challenges in cloud computing that
makes the user not to move completely towards it. The cloud
environment is more vulnerable to security breaches and data
theft. Moreover, insider attacks are more frequent in larger
enterprises. An unauthenticated user can cause more damage
to company reputation. The cloud service providers are trying
to provide a secure work environment for users. However,
there is a lack of global standards and policies to invoke
security measures in cloud computing. This study aims to
highlight and classify security challenges and trust issues in the
cloud environment.
The survey was conducted in various institutions and
governmental organizations in Saudi Arabia to study the
opinions of stakeholders on cloud computing security
challenges and risks.
Links:
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
A traditional computing environment requires a costly
infrastructure to offer a better service to users. The introduction
of cloud computing has changed the working environment from
traditional to virtual. A larger number of IT companies are
utilizing the cloud. On the one hand, the cloud attracts more
number of consumers by offering services with minimized
capital cost and virtual infrastructure. On the other hand, there
are a risk and security challenges in cloud computing that
makes the user not to move completely towards it. The cloud
environment is more vulnerable to security breaches and data
theft. Moreover, insider attacks are more frequent in larger
enterprises. An unauthenticated user can cause more damage
to company reputation. The cloud service providers are trying
to provide a secure work environment for users. However,
there is a lack of global standards and policies to invoke
security measures in cloud computing. This study aims to
highlight and classify security challenges and trust issues in the
cloud environment.
The survey was conducted in various institutions and
governmental organizations in Saudi Arabia to study the
opinions of stakeholders on cloud computing security
challenges and risks.
Links:
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Implementing Iris in the Railway Control Office Application for Secure Saas i...IJERA Editor
Technology plays a vital role in each and every part of the world. In particular ―Cloud‖ computing - a
moderately recent term, characterizes the path to develop the advancement in the world of computer science.
Further, Cloud provides an affordable environment for its users through different forms of services such as SaaS
(Software as a service), PaaS (Platform as a service), and IaaS (Infrastructure as a Service). Cloud computing is
also an Internet-based computing where a large pool of systems are connected in private or public networks, and
provide dynamically scalable infrastructure for application data as well as file storage. Security of Cloud
computing is an evolving sub-domain of network security, computer security and information security. In spite
of its advantages, Cloud environment has many security flaws such as loss of important data, data leakage and
something related to cloning, resource pooling etc. Security of Cloud Computing is an emerging area for study.
It includes several security and privacy issues with challenges and solutions for many security issues of cloud
computing. The Control Office Application (COA) is the latest addition to train operations related IT application
of Indian Railways. Along with the Freight Operations Information System (FOIS), COA has led to a complete
transformation in train operations and facilitates all information on train operations being computer generated. It
is this application that feeds the National Train Enquiry System (NTES) which provides passengers with up to
date information on train running. COA also provides train operations information to FOIS and ICMS. The
objective of the Indian Railways is to further improve the operations by using technological aids that enable
quicker data capture and intelligent applications that provide better planning and forecasting tools. To overcome
these issues, in Cloud computing, we can use SaaS (software as a service). In this paper, we have proposed a
new IRIS algorithm to authenticate the users of COA software in the cloud environment.
Services, security challenges and security policies in cloud computingeSAT Journals
Abstract Cloud computing is becoming most emerging trend in IT industry. With its potential growth and lucrative services cloud computing has acquired mass market in the industry large enterprises running their business on the cloud. A greater acceptance of public cloud by various businesses has given it a wide popularity, strengthening of public cloud security is big milestone. The public cloud acceptance is increasing along with the trust in public cloud at large extent. As the security is most vital factor in the cloud. Handovering data to the cloud service provider keeps cloud user tensed. Different threats have been discovered in recent years. Database security in public cloud raised some critical issues for cloud service provider. This rapid adaptation to the clouds, have increased concerns on a critical issue for successive growth of communication technology and information security. From a cloud security perspective, a number of unexplored risks and challenges are faced by cloud because of migration, causing degradation of the effectiveness of traditional protection mechanisms. Keywords: Cloud computing, Cloud DBaaS, public cloud, Cloud Security, Confidentiality, Trust, Encryption.
Security in Cloud Computing For Service Delivery Models: Challenges and Solut...IJERA Editor
Cloud computing, undoubtedly, is a path to expand the limits or add powerful capabilities on-demand with
almost no investment in new framework, training new staff, or authorizing new software. Though today
everyone is talking about cloud but, organizations are still in dilemma whether it’s safe to deploy their business
on cloud. The reason behind it; is nothing but Security. No cloud service provider provides 100% security
assurance to its customers and therefore, businesses are hesitant to accept cloud and the vast benefits that come
along with it. The absence of proper security controls delimits the benefits of cloud. In this paper, a review on
different cloud service models and a survey of the different security challenges and issues while providing
services in cloud is presented .The paper focuses on the security issues specific to service delivery model (SaaS,
IaaS and PaaS) of cloud environment. This paper also explores the various security solutions currently being
applied to protect cloud from various kinds of intruders.
Cloud Computing is a versatile technology that can support a broad-spectrum of applications. The low cost of cloud computing and its dynamic scaling renders it an innovation driver for small companies, particularly in the developing world. Cloud deployed enterprise resource planning (ERP), supply chain management applications (SCM), customer relationship management (CRM) applications, medical applications and mobile applications have potential to reach millions of users. In this paper, we explore the different concepts involved in cloud computing. Leveraging our experiences on various clouds, we examine clouds from technical, and service aspects. We highlight some of the opportunities in cloud computing, underlining the importance of clouds and showing why that technology must succeed. Finally, we discuss some of the issues that this area should deal with. The paper aims to provide a means of understanding the model and exploring options available for complementing your technology and infrastructure needs.
Abstraction and Automation: A Software Design Approach for Developing Secure ...iosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...iosrjce
Cloud computing is an important transition that makes change in service oriented computing
technology. Cloud service provider follows pay-as-you-go pricing approach which means consumer uses as
many resources as he need and billed by the provider based on the resource consumed. CSP give a quality of
service in the form of a service level agreement. For transparent billing, each billing transaction should be
protected against forgery and false modifications. Although CSPs provide service billing records, they cannot
provide trustworthiness. It is due to user or CSP can modify the billing records. In this case even a third party
cannot confirm that the user’s record is correct or CSPs record is correct. To overcome these limitations we
introduced a secure billing system called THEMIS. For secure billing system THEMIS introduces a concept of
cloud notary authority (CNA). CNA generates mutually verifiable binding information that can be used to
resolve future disputes between user and CSP. This project will produce the secure billing through monitoring
the service level agreement (SLA) by using the SMon module. CNA can get a service logs from SMon and stored
it in a local repository for further reference. Even administrator of a cloud system cannot modify or falsify the
data.
Security Issues’ in Cloud Computing and its Solutions. IJCERT JOURNAL
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Netmagic stresses on how switching to the cloud allows organizations to meet their changing needs and goals without large capital or time investments. Read more here!
IMPROVING PRIVACY AND SECURITY IN MULTITENANT CLOUD ERP SYSTEMSacijjournal
This paper discusses cloud ERP security challenges and their existing solutions. Initially, a set of definitions associated with ERP systems, cloud computing, and multi-tenancy, along with their respective challenges and issues regarding security and privacy, are provided. Next, a set of security challenges is listed, discussed, and mapped to the existing solutions to solve these problems. This thesis aims to build an effective approach to the cloud ERP security management model in terms of data storage, data virtualization, data isolation, and access security in cloud ERP. The following proposed techniques are used to improve the security for multi-tenant SaaS: database virtualization, implementation of data encryption and search functionality on databases and developed systems, distribution of data between tenant and ERP providers, secure application deployment in multi-tenant environments, implementation of the authentication and developed systems together as a two-factor authentication, and improved user access control for multi-tenant ERP clouds.
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
SDN creates a tailored or customized network experience which enables greater level of speed, flexibility, agility and scale in the data center. Read here from Netmagic Solutions.
Cloud computing is architecture for providing
computing service via the internet on demand and pay per use
access to a pool of shared resources namely networks, storage,
servers, services and applications, without physically acquiring
them. So it saves managing cost and time for organizations. The
market size the cloud computing shared is still far behind the one
expected. From the consumers’ perspective, cloud computing
security concerns, especially data security and privacy protection
issues, remain the primary inhibitor for adoption of cloud
computing services. The security for Cloud Computing is
emerging area for study and this paper provide security topic in
terms of cloud computing based on analysis of Cloud Security
treats and Technical Components of Cloud Computing
Implementing Iris in the Railway Control Office Application for Secure Saas i...IJERA Editor
Technology plays a vital role in each and every part of the world. In particular ―Cloud‖ computing - a
moderately recent term, characterizes the path to develop the advancement in the world of computer science.
Further, Cloud provides an affordable environment for its users through different forms of services such as SaaS
(Software as a service), PaaS (Platform as a service), and IaaS (Infrastructure as a Service). Cloud computing is
also an Internet-based computing where a large pool of systems are connected in private or public networks, and
provide dynamically scalable infrastructure for application data as well as file storage. Security of Cloud
computing is an evolving sub-domain of network security, computer security and information security. In spite
of its advantages, Cloud environment has many security flaws such as loss of important data, data leakage and
something related to cloning, resource pooling etc. Security of Cloud Computing is an emerging area for study.
It includes several security and privacy issues with challenges and solutions for many security issues of cloud
computing. The Control Office Application (COA) is the latest addition to train operations related IT application
of Indian Railways. Along with the Freight Operations Information System (FOIS), COA has led to a complete
transformation in train operations and facilitates all information on train operations being computer generated. It
is this application that feeds the National Train Enquiry System (NTES) which provides passengers with up to
date information on train running. COA also provides train operations information to FOIS and ICMS. The
objective of the Indian Railways is to further improve the operations by using technological aids that enable
quicker data capture and intelligent applications that provide better planning and forecasting tools. To overcome
these issues, in Cloud computing, we can use SaaS (software as a service). In this paper, we have proposed a
new IRIS algorithm to authenticate the users of COA software in the cloud environment.
Services, security challenges and security policies in cloud computingeSAT Journals
Abstract Cloud computing is becoming most emerging trend in IT industry. With its potential growth and lucrative services cloud computing has acquired mass market in the industry large enterprises running their business on the cloud. A greater acceptance of public cloud by various businesses has given it a wide popularity, strengthening of public cloud security is big milestone. The public cloud acceptance is increasing along with the trust in public cloud at large extent. As the security is most vital factor in the cloud. Handovering data to the cloud service provider keeps cloud user tensed. Different threats have been discovered in recent years. Database security in public cloud raised some critical issues for cloud service provider. This rapid adaptation to the clouds, have increased concerns on a critical issue for successive growth of communication technology and information security. From a cloud security perspective, a number of unexplored risks and challenges are faced by cloud because of migration, causing degradation of the effectiveness of traditional protection mechanisms. Keywords: Cloud computing, Cloud DBaaS, public cloud, Cloud Security, Confidentiality, Trust, Encryption.
Security in Cloud Computing For Service Delivery Models: Challenges and Solut...IJERA Editor
Cloud computing, undoubtedly, is a path to expand the limits or add powerful capabilities on-demand with
almost no investment in new framework, training new staff, or authorizing new software. Though today
everyone is talking about cloud but, organizations are still in dilemma whether it’s safe to deploy their business
on cloud. The reason behind it; is nothing but Security. No cloud service provider provides 100% security
assurance to its customers and therefore, businesses are hesitant to accept cloud and the vast benefits that come
along with it. The absence of proper security controls delimits the benefits of cloud. In this paper, a review on
different cloud service models and a survey of the different security challenges and issues while providing
services in cloud is presented .The paper focuses on the security issues specific to service delivery model (SaaS,
IaaS and PaaS) of cloud environment. This paper also explores the various security solutions currently being
applied to protect cloud from various kinds of intruders.
Cloud Computing is a versatile technology that can support a broad-spectrum of applications. The low cost of cloud computing and its dynamic scaling renders it an innovation driver for small companies, particularly in the developing world. Cloud deployed enterprise resource planning (ERP), supply chain management applications (SCM), customer relationship management (CRM) applications, medical applications and mobile applications have potential to reach millions of users. In this paper, we explore the different concepts involved in cloud computing. Leveraging our experiences on various clouds, we examine clouds from technical, and service aspects. We highlight some of the opportunities in cloud computing, underlining the importance of clouds and showing why that technology must succeed. Finally, we discuss some of the issues that this area should deal with. The paper aims to provide a means of understanding the model and exploring options available for complementing your technology and infrastructure needs.
Abstraction and Automation: A Software Design Approach for Developing Secure ...iosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...iosrjce
Cloud computing is an important transition that makes change in service oriented computing
technology. Cloud service provider follows pay-as-you-go pricing approach which means consumer uses as
many resources as he need and billed by the provider based on the resource consumed. CSP give a quality of
service in the form of a service level agreement. For transparent billing, each billing transaction should be
protected against forgery and false modifications. Although CSPs provide service billing records, they cannot
provide trustworthiness. It is due to user or CSP can modify the billing records. In this case even a third party
cannot confirm that the user’s record is correct or CSPs record is correct. To overcome these limitations we
introduced a secure billing system called THEMIS. For secure billing system THEMIS introduces a concept of
cloud notary authority (CNA). CNA generates mutually verifiable binding information that can be used to
resolve future disputes between user and CSP. This project will produce the secure billing through monitoring
the service level agreement (SLA) by using the SMon module. CNA can get a service logs from SMon and stored
it in a local repository for further reference. Even administrator of a cloud system cannot modify or falsify the
data.
Security Issues’ in Cloud Computing and its Solutions. IJCERT JOURNAL
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Netmagic stresses on how switching to the cloud allows organizations to meet their changing needs and goals without large capital or time investments. Read more here!
IMPROVING PRIVACY AND SECURITY IN MULTITENANT CLOUD ERP SYSTEMSacijjournal
This paper discusses cloud ERP security challenges and their existing solutions. Initially, a set of definitions associated with ERP systems, cloud computing, and multi-tenancy, along with their respective challenges and issues regarding security and privacy, are provided. Next, a set of security challenges is listed, discussed, and mapped to the existing solutions to solve these problems. This thesis aims to build an effective approach to the cloud ERP security management model in terms of data storage, data virtualization, data isolation, and access security in cloud ERP. The following proposed techniques are used to improve the security for multi-tenant SaaS: database virtualization, implementation of data encryption and search functionality on databases and developed systems, distribution of data between tenant and ERP providers, secure application deployment in multi-tenant environments, implementation of the authentication and developed systems together as a two-factor authentication, and improved user access control for multi-tenant ERP clouds.
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
SDN creates a tailored or customized network experience which enables greater level of speed, flexibility, agility and scale in the data center. Read here from Netmagic Solutions.
Cloud computing is architecture for providing
computing service via the internet on demand and pay per use
access to a pool of shared resources namely networks, storage,
servers, services and applications, without physically acquiring
them. So it saves managing cost and time for organizations. The
market size the cloud computing shared is still far behind the one
expected. From the consumers’ perspective, cloud computing
security concerns, especially data security and privacy protection
issues, remain the primary inhibitor for adoption of cloud
computing services. The security for Cloud Computing is
emerging area for study and this paper provide security topic in
terms of cloud computing based on analysis of Cloud Security
treats and Technical Components of Cloud Computing
Searching is one of the important operations in computer science. Retrieving information from
huge databases takes a lot of processing time to get the results. The user has to wait till the completion
of processing to find whether search is successful or not. In this research paper, it provides a detailed
study of Binary Search and how the time complexity of Binary Search can be reduced by using Odd
Even Based Binary Search Algorithm, which is an extension of classical binary search strategy. The
worst case time complexity of Binary Search can be reduced from O(log2N) to O(log2(N-M)) where
N is total number of items in the list and M is total number of even numbers if search KEY is ODD
or M is total number of odd numbers if search KEY is EVEN. Whenever the search KEY is given, first
the KEY is determined whether it is odd or even. If given KEY is odd, then only odd numbers from
the list are searched by completely ignoring list of even numbers. If given KEY is even, then only
even numbers from the list are searched by completely ignoring list of odd numbers. The output of
Odd Even Based algorithm is given as an input to Binary Search algorithm. Using Odd Even Based
Binary Search algorithm, the worst case performances in Binary Search algorithm are converted
into best case or average case performance. Therefore, it reduces total number of comparisons, time
complexity and usage of various computer resources.
Hydraulics now a days is a very distinguished area which has lot of major challenges often came in its
progress due to the realistic changes affecting on applicable working fluid viz. Water. Most occasions,
Water can be easily available but in certain times it may be scarce also. The available water vary according
to its properties. It exists in normal conditions as well as salty or hardy due to deposits. Majority of Water
is contaminated with minerals, dust or dirt. Often pure water which may be acidic or alkaline can be used
for making discharges through the Turbines
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Addressing the cloud computing security menaceeSAT Journals
Abstract Cloud Computing is fast gaining popularity today with its scalable, flexible and on-demand service provision. It brings cost saving and agility to organization with pay-as-you-go approach. Abundant resources are available and the user has a huge range to select from. Cloud facilitates virtualization, simplification, automation and accelerated delivery of application and services for a sustainable business advantage. As much as the technological benefit, cloud computing also has security issues. Security in cloud computing is essential for providing quality of service. In this paper we address security issues which concern cloud computing environment today. We analyze Cloud Computing and security menace it faces due to different threats. Index Terms: Cloud Computing, Cloud Service Provider (CSP), Cloud Security, Cloud User, SaaS, PaaS, IaaS, StaaS
International Journal of Business and Management Invention (IJBMI) is an international journal intended for professionals and researchers in all fields of Business and Management. IJBMI publishes research articles and reviews within the whole field Business and Management, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
Security threat issues and countermeasures in cloud computingJahangeer Qadiree
Cloud computing field has reached to the highest level of technical heights. The security problems of cloud computing hinders
its development. It is totally internet based technology where the resources and information shared on a distributed network. So
it is important for both provider as well as consumer to provide the security and trust to share the data for developing clou d
computing applications. Because now organizations are now moving fast towards the cloud. So there is the possibility of threats
that will harm the data on the cloud. In our paper we mainly focuses on security threats of cloud computing system also we
mention some solutions and countermeasures on these security problems
Cloud computing has become one of the most interesting topics in the IT world today. Cloud model of computing as a resource has changed the landscape of computing as it promises of increased greater reliability, massive scalability, and decreased costs have attracted businesses and individuals alike. It adds capabilities to Information Technology’s. Over the last few years, cloud computing has grown considerably in Information Technology. As more and more information of individuals and companies are placed in the cloud, there is a growing concern about the safety of information. Many Companies that are considered to be giants in software industry like Microsoft are joining to develop Cloud services [1]. Despite the hype about the cloud, customers are reluctant to deploy their business in the cloud. Security issues is one of the biggest concerns that has been affecting the growth of cloud computing .It adds complications with data privacy and data protection continues to affect the market. Users need to understand the risk of data breaches in the cloud environment. The paper highlights issues related to cloud computing.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
CLOUD COMPUTING – KEY PILLAR FOR DIGITAL INDIAijistjournal
Companies are doing marketing or branding of their products and services using digital media. Life is becoming so smooth and transparent by the sharing of information through the digital mediums. Whether it is a small or a big company, everybody is running for the competition, because they want to lock their customers. In this paper current market scenario is included with respect to cloud computing solution. Data access at present has limitations. Government data which is publicly accessible should have some policy. Cloud Computing is likely to be one of the key pillars on which various e-Governance services would ride. Digital India is a program to prepare India for a knowledge future. Digital India should have policy wherein the Government will be providing information and services to internal and external stakeholders. Cloud computing has become the most stimulating development and delivery alternative in the new millennium. A lot of departments are showing interest to adopt Cloud technology, but awareness on Cloud security needs to be increased. The adoption of Cloud is helping organizations innovate, do things faster, become more agile and enhance their revenue stream. In this paper, the information regarding cloud services and models are provided. Also, the main focus is on what government can do with the help of it for Digital India mission?
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...Editor IJMTER
The Most great challenging in Cloud computing is Security. Here Security plays key role
in this paper proposed concept mainly deals with security at the end user access. While coming to the
end user access that are connected through the public networks. Here the end user wants to access his
application or services protected by the unauthorized persons. In this area if we want to apply
encryption or decryption methods such as RSA, 3DES, MD5, Blow fish. Etc.,
Whereas we can utilize these services at the end user access in cloud computing. Here there is
problem of encryption and decryption of the messages, services and applications. They are is lot of
time to take encrypt as well as decrypt and more number of processing capabilities are needed to use
the mechanism. For that problem we are introducing to use of cloud computing in SaaS model. i.e.,
scalable is applicable in this area so whenever it requires we can utilize the SaaS model.
In Cloud computing use of computing resources (hardware and software) that are delivered as a
service over Internet network. In advance earlier there is problem of using key size in various
algorithm like 64 bit it take some long period to encrypt the data.
Similar to Security issues in cloud computing for msmes (20)
Submission Deadline: 30th September 2022
Acceptance Notification: Within Three Days’ time period
Online Publication: Within 24 Hrs. time Period
Expected Date of Dispatch of Printed Journal: 5th October 2022
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...IAEME Publication
White layer thickness (WLT) formed and surface roughness in wire electric discharge turning (WEDT) of tungsten carbide composite has been made to model through response surface methodology (RSM). A Taguchi’s standard Design of experiments involving five input variables with three levels has been employed to establish a mathematical model between input parameters and responses. Percentage of cobalt content, spindle speed, Pulse on-time, wire feed and pulse off-time were changed during the experimental tests based on the Taguchi’s orthogonal array L27 (3^13). Analysis of variance (ANOVA) revealed that the mathematical models obtained can adequately describe performance within the parameters of the factors considered. There was a good agreement between the experimental and predicted values in this study.
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURSIAEME Publication
The study explores the reasons for a transgender to become entrepreneurs. In this study transgender entrepreneur was taken as independent variable and reasons to become as dependent variable. Data were collected through a structured questionnaire containing a five point Likert Scale. The study examined the data of 30 transgender entrepreneurs in Salem Municipal Corporation of Tamil Nadu State, India. Simple Random sampling technique was used. Garrett Ranking Technique (Percentile Position, Mean Scores) was used as the analysis for the present study to identify the top 13 stimulus factors for establishment of trans entrepreneurial venture. Economic advancement of a nation is governed upon the upshot of a resolute entrepreneurial doings. The conception of entrepreneurship has stretched and materialized to the socially deflated uncharted sections of transgender community. Presently transgenders have smashed their stereotypes and are making recent headlines of achievements in various fields of our Indian society. The trans-community is gradually being observed in a new light and has been trying to achieve prospective growth in entrepreneurship. The findings of the research revealed that the optimistic changes are taking place to change affirmative societal outlook of the transgender for entrepreneurial ventureship. It also laid emphasis on other transgenders to renovate their traditional living. The paper also highlights that legislators, supervisory body should endorse an impartial canons and reforms in Tamil Nadu Transgender Welfare Board Association.
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURSIAEME Publication
Since ages gender difference is always a debatable theme whether caused by nature, evolution or environment. The birth of a transgender is dreadful not only for the child but also for their parents. The pain of living in the wrong physique and treated as second class victimized citizen is outrageous and fully harboured with vicious baseless negative scruples. For so long, social exclusion had perpetuated inequality and deprivation experiencing ingrained malign stigma and besieged victims of crime or violence across their life spans. They are pushed into the murky way of life with a source of eternal disgust, bereft sexual potency and perennial fear. Although they are highly visible but very little is known about them. The common public needs to comprehend the ravaged arrogance on these insensitive souls and assist in integrating them into the mainstream by offering equal opportunity, treat with humanity and respect their dignity. Entrepreneurship in the current age is endorsing the gender fairness movement. Unstable careers and economic inadequacy had inclined one of the gender variant people called Transgender to become entrepreneurs. These tiny budding entrepreneurs resulted in economic transition by means of employment, free from the clutches of stereotype jobs, raised standard of living and handful of financial empowerment. Besides all these inhibitions, they were able to witness a platform for skill set development that ignited them to enter into entrepreneurial domain. This paper epitomizes skill sets involved in trans-entrepreneurs of Thoothukudi Municipal Corporation of Tamil Nadu State and is a groundbreaking determination to sightsee various skills incorporated and the impact on entrepreneurship.
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONSIAEME Publication
The banking and financial services industries are experiencing increased technology penetration. Among them, the banking industry has made technological advancements to better serve the general populace. The economy focused on transforming the banking sector's system into a cashless, paperless, and faceless one. The researcher wants to evaluate the user's intention for utilising a mobile banking application. The study also examines the variables affecting the user's behaviour intention when selecting specific applications for financial transactions. The researcher employed a well-structured questionnaire and a descriptive study methodology to gather the respondents' primary data utilising the snowball sampling technique. The study includes variables like performance expectations, effort expectations, social impact, enabling circumstances, and perceived risk. Each of the aforementioned variables has a major impact on how users utilise mobile banking applications. The outcome will assist the service provider in comprehending the user's history with mobile banking applications.
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONSIAEME Publication
Technology upgradation in banking sector took the economy to view that payment mode towards online transactions using mobile applications. This system enabled connectivity between banks, Merchant and user in a convenient mode. there are various applications used for online transactions such as Google pay, Paytm, freecharge, mobikiwi, oxygen, phonepe and so on and it also includes mobile banking applications. The study aimed at evaluating the predilection of the user in adopting digital transaction. The study is descriptive in nature. The researcher used random sample techniques to collect the data. The findings reveal that mobile applications differ with the quality of service rendered by Gpay and Phonepe. The researcher suggest the Phonepe application should focus on implementing the application should be user friendly interface and Gpay on motivating the users to feel the importance of request for money and modes of payments in the application.
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINOIAEME Publication
The prototype of a voice-based ATM for visually impaired using Arduino is to help people who are blind. This uses RFID cards which contain users fingerprint encrypted on it and interacts with the users through voice commands. ATM operates when sensor detects the presence of one person in the cabin. After scanning the RFID card, it will ask to select the mode like –normal or blind. User can select the respective mode through voice input, if blind mode is selected the balance check or cash withdraw can be done through voice input. Normal mode procedure is same as the existing ATM.
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...IAEME Publication
There is increasing acceptability of emotional intelligence as a major factor in personality assessment and effective human resource management. Emotional intelligence as the ability to build capacity, empathize, co-operate, motivate and develop others cannot be divorced from both effective performance and human resource management systems. The human person is crucial in defining organizational leadership and fortunes in terms of challenges and opportunities and walking across both multinational and bilateral relationships. The growing complexity of the business world requires a great deal of self-confidence, integrity, communication, conflict and diversity management to keep the global enterprise within the paths of productivity and sustainability. Using the exploratory research design and 255 participants the result of this original study indicates strong positive correlation between emotional intelligence and effective human resource management. The paper offers suggestions on further studies between emotional intelligence and human capital development and recommends for conflict management as an integral part of effective human resource management.
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMYIAEME Publication
Our life journey, in general, is closely defined by the way we understand the meaning of why we coexist and deal with its challenges. As we develop the "inspiration economy", we could say that nearly all of the challenges we have faced are opportunities that help us to discover the rest of our journey. In this note paper, we explore how being faced with the opportunity of being a close carer for an aging parent with dementia brought intangible discoveries that changed our insight of the meaning of the rest of our life journey.
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...IAEME Publication
The main objective of this study is to analyze the impact of aspects of Organizational Culture on the Effectiveness of the Performance Management System (PMS) in the Health Care Organization at Thanjavur. Organizational Culture and PMS play a crucial role in present-day organizations in achieving their objectives. PMS needs employees’ cooperation to achieve its intended objectives. Employees' cooperation depends upon the organization’s culture. The present study uses exploratory research to examine the relationship between the Organization's culture and the Effectiveness of the Performance Management System. The study uses a Structured Questionnaire to collect the primary data. For this study, Thirty-six non-clinical employees were selected from twelve randomly selected Health Care organizations at Thanjavur. Thirty-two fully completed questionnaires were received.
Living in 21st century in itself reminds all of us the necessity of police and its administration. As more and more we are entering into the modern society and culture, the more we require the services of the so called ‘Khaki Worthy’ men i.e., the police personnel. Whether we talk of Indian police or the other nation’s police, they all have the same recognition as they have in India. But as already mentioned, their services and requirements are different after the like 26th November, 2008 incidents, where they without saving their own lives has sacrificed themselves without any hitch and without caring about their respective family members and wards. In other words, they are like our heroes and mentors who can guide us from the darkness of fear, militancy, corruption and other dark sides of life and so on. Now the question arises, if Gandhi would have been alive today, what would have been his reaction/opinion to the police and its functioning? Would he have some thing different in his mind now what he had been in his mind before the partition or would he be going to start some Satyagraha in the form of some improvement in the functioning of the police administration? Really these questions or rather night mares can come to any one’s mind, when there is too much confusion is prevailing in our minds, when there is too much corruption in the society and when the polices working is also in the questioning because of one or the other case throughout the India. It is matter of great concern that we have to thing over our administration and our practical approach because the police personals are also like us, they are part and parcel of our society and among one of us, so why we all are pin pointing towards them.
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...IAEME Publication
The goal of this study was to see how talent management affected employee retention in the selected IT organizations in Chennai. The fundamental issue was the difficulty to attract, hire, and retain talented personnel who perform well and the gap between supply and demand of talent acquisition and retaining them within the firms. The study's main goals were to determine the impact of talent management on employee retention in IT companies in Chennai, investigate talent management strategies that IT companies could use to improve talent acquisition, performance management, career planning and formulate retention strategies that the IT firms could use. The respondents were given a structured close-ended questionnaire with the 5 Point Likert Scale as part of the study's quantitative research design. The target population consisted of 289 IT professionals. The questionnaires were distributed and collected by the researcher directly. The Statistical Package for Social Sciences (SPSS) was used to collect and analyse the questionnaire responses. Hypotheses that were formulated for the various areas of the study were tested using a variety of statistical tests. The key findings of the study suggested that talent management had an impact on employee retention. The studies also found that there is a clear link between the implementation of talent management and retention measures. Management should provide enough training and development for employees, clarify job responsibilities, provide adequate remuneration packages, and recognise employees for exceptional performance.
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...IAEME Publication
Globally, Millions of dollars were spent by the organizations for employing skilled Information Technology (IT) professionals. It is costly to replace unskilled employees with IT professionals possessing technical skills and competencies that aid in interconnecting the business processes. The organization’s employment tactics were forced to alter by globalization along with technological innovations as they consistently diminish to remain lean, outsource to concentrate on core competencies along with restructuring/reallocate personnel to gather efficiency. As other jobs, organizations or professions have become reasonably more appropriate in a shifting employment landscape, the above alterations trigger both involuntary as well as voluntary turnover. The employee view on jobs is also afflicted by the COVID-19 pandemic along with the employee-driven labour market. So, having effective strategies is necessary to tackle the withdrawal rate of employees. By associating Emotional Intelligence (EI) along with Talent Management (TM) in the IT industry, the rise in attrition rate was analyzed in this study. Only 303 respondents were collected out of 350 participants to whom questionnaires were distributed. From the employees of IT organizations located in Bangalore (India), the data were congregated. A simple random sampling methodology was employed to congregate data as of the respondents. Generating the hypothesis along with testing is eventuated. The effect of EI and TM along with regression analysis between TM and EI was analyzed. The outcomes indicated that employee and Organizational Performance (OP) were elevated by effective EI along with TM.
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...IAEME Publication
By implementing talent management strategy, organizations would have the option to retain their skilled professionals while additionally working on their overall performance. It is the course of appropriately utilizing the ideal individuals, setting them up for future top positions, exploring and dealing with their performance, and holding them back from leaving the organization. It is employee performance that determines the success of every organization. The firm quickly obtains an upper hand over its rivals in the event that its employees having particular skills that cannot be duplicated by the competitors. Thus, firms are centred on creating successful talent management practices and processes to deal with the unique human resources. Firms are additionally endeavouring to keep their top/key staff since on the off chance that they leave; the whole store of information leaves the firm's hands. The study's objective was to determine the impact of talent management on organizational performance among the selected IT organizations in Chennai. The study recommends that talent management limitedly affects performance. On the off chance that this talent is appropriately management and implemented properly, organizations might benefit as much as possible from their maintained assets to support development and productivity, both monetarily and non-monetarily.
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...IAEME Publication
Banking regulations act of India, 1949 defines banking as “acceptance of deposits for the purpose of lending or investment from the public, repayment on demand or otherwise and withdrawable through cheques, drafts order or otherwise”, the major participants of the Indian financial system are commercial banks, the financial institution encompassing term lending institutions. Investments institutions, specialized financial institution and the state level development banks, non banking financial companies (NBFC) and other market intermediaries such has the stock brokers and money lenders are among the oldest of the certain variants of NBFC and the oldest market participants. The asset quality of banks is one of the most important indicators of their financial health. The Indian banking sector has been facing severe problems of increasing Non- Performing Assets (NPAs). The NPAs growth directly and indirectly affects the quality of assets and profitability of banks. It also shows the efficiency of banks credit risk management and the recovery effectiveness. NPA do not generate any income, whereas, the bank is required to make provisions for such as assets that why is a double edge weapon. This paper outlines the concept of quality of bank loans of different types like Housing, Agriculture and MSME loans in state Haryana of selected public and private sector banks. This study is highlighting problems associated with the role of commercial bank in financing Small and Medium Scale Enterprises (SME). The overall objective of the research was to assess the effect of the financing provisions existing for the setting up and operations of MSMEs in the country and to generate recommendations for more robust financing mechanisms for successful operation of the MSMEs, in turn understanding the impact of MSME loans on financial institutions due to NPA. There are many research conducted on the topic of Non- Performing Assets (NPA) Management, concerning particular bank, comparative study of public and private banks etc. In this paper the researcher is considering the aggregate data of selected public sector and private sector banks and attempts to compare the NPA of Housing, Agriculture and MSME loans in state Haryana of public and private sector banks. The tools used in the study are average and Anova test and variance. The findings reveal that NPA is common problem for both public and private sector banks and is associated with all types of loans either that is housing loans, agriculture loans and loans to SMES. NPAs of both public and private sector banks show the increasing trend. In 2010-11 GNPA of public and private sector were at same level it was 2% but after 2010-11 it increased in many fold and at present there is GNPA in some more than 15%. It shows the dark area of Indian banking sector.
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...IAEME Publication
An experiment conducted in this study found that BaSO4 changed Nylon 6's mechanical properties. By changing the weight ratios, BaSO4 was used to make Nylon 6. This Researcher looked into how hard Nylon-6/BaSO4 composites are and how well they wear. Experiments were done based on Taguchi design L9. Nylon-6/BaSO4 composites can be tested for their hardness number using a Rockwell hardness testing apparatus. On Nylon/BaSO4, the wear behavior was measured by a wear monitor, pinon-disc friction by varying reinforcement, sliding speed, and sliding distance, and the microstructure of the crack surfaces was observed by SEM. This study provides significant contributions to ultimate strength by increasing BaSO4 content up to 16% in the composites, and sliding speed contributes 72.45% to the wear rate
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...IAEME Publication
The majority of the population in India lives in villages. The village is the back bone of the country. Village or rural industries play an important role in the national economy, particularly in the rural development. Developing the rural economy is one of the key indicators towards a country’s success. Whether it be the need to look after the welfare of the farmers or invest in rural infrastructure, Governments have to ensure that rural development isn’t compromised. The economic development of our country largely depends on the progress of rural areas and the standard of living of rural masses. Village or rural industries play an important role in the national economy, particularly in the rural development. Rural entrepreneurship is based on stimulating local entrepreneurial talent and the subsequent growth of indigenous enterprises. It recognizes opportunity in the rural areas and accelerates a unique blend of resources either inside or outside of agriculture. Rural entrepreneurship brings an economic value to the rural sector by creating new methods of production, new markets, new products and generate employment opportunities thereby ensuring continuous rural development. Social Entrepreneurship has the direct and primary objective of serving the society along with the earning profits. So, social entrepreneurship is different from the economic entrepreneurship as its basic objective is not to earn profits but for providing innovative solutions to meet the society needs which are not taken care by majority of the entrepreneurs as they are in the business for profit making as a sole objective. So, the Social Entrepreneurs have the huge growth potential particularly in the developing countries like India where we have huge societal disparities in terms of the financial positions of the population. Still 22 percent of the Indian population is below the poverty line and also there is disparity among the rural & urban population in terms of families living under BPL. 25.7 percent of the rural population & 13.7 percent of the urban population is under BPL which clearly shows the disparity of the poor people in the rural and urban areas. The need to develop social entrepreneurship in agriculture is dictated by a large number of social problems. Such problems include low living standards, unemployment, and social tension. The reasons that led to the emergence of the practice of social entrepreneurship are the above factors. The research problem lays upon disclosing the importance of role of social entrepreneurship in rural development of India. The paper the tendencies of social entrepreneurship in India, to present successful examples of such business for providing recommendations how to improve situation in rural areas in terms of social entrepreneurship development. Indian government has made some steps towards development of social enterprises, social entrepreneurship, and social in- novation, but a lot remains to be improved.
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...IAEME Publication
Distribution system is a critical link between the electric power distributor and the consumers. Most of the distribution networks commonly used by the electric utility is the radial distribution network. However in this type of network, it has technical issues such as enormous power losses which affect the quality of the supply. Nowadays, the introduction of Distributed Generation (DG) units in the system help improve and support the voltage profile of the network as well as the performance of the system components through power loss mitigation. In this study network reconfiguration was done using two meta-heuristic algorithms Particle Swarm Optimization and Gravitational Search Algorithm (PSO-GSA) to enhance power quality and voltage profile in the system when simultaneously applied with the DG units. Backward/Forward Sweep Method was used in the load flow analysis and simulated using the MATLAB program. Five cases were considered in the Reconfiguration based on the contribution of DG units. The proposed method was tested using IEEE 33 bus system. Based on the results, there was a voltage profile improvement in the system from 0.9038 p.u. to 0.9594 p.u.. The integration of DG in the network also reduced power losses from 210.98 kW to 69.3963 kW. Simulated results are drawn to show the performance of each case.
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...IAEME Publication
Manufacturing industries have witnessed an outburst in productivity. For productivity improvement manufacturing industries are taking various initiatives by using lean tools and techniques. However, in different manufacturing industries, frugal approach is applied in product design and services as a tool for improvement. Frugal approach contributed to prove less is more and seems indirectly contributing to improve productivity. Hence, there is need to understand status of frugal approach application in manufacturing industries. All manufacturing industries are trying hard and putting continuous efforts for competitive existence. For productivity improvements, manufacturing industries are coming up with different effective and efficient solutions in manufacturing processes and operations. To overcome current challenges, manufacturing industries have started using frugal approach in product design and services. For this study, methodology adopted with both primary and secondary sources of data. For primary source interview and observation technique is used and for secondary source review has done based on available literatures in website, printed magazines, manual etc. An attempt has made for understanding application of frugal approach with the study of manufacturing industry project. Manufacturing industry selected for this project study is Mahindra and Mahindra Ltd. This paper will help researcher to find the connections between the two concepts productivity improvement and frugal approach. This paper will help to understand significance of frugal approach for productivity improvement in manufacturing industry. This will also help to understand current scenario of frugal approach in manufacturing industry. In manufacturing industries various process are involved to deliver the final product. In the process of converting input in to output through manufacturing process productivity plays very critical role. Hence this study will help to evolve status of frugal approach in productivity improvement programme. The notion of frugal can be viewed as an approach towards productivity improvement in manufacturing industries.
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENTIAEME Publication
In this paper, we investigated a queuing model of fuzzy environment-based a multiple channel queuing model (M/M/C) ( /FCFS) and study its performance under realistic conditions. It applies a nonagonal fuzzy number to analyse the relevant performance of a multiple channel queuing model (M/M/C) ( /FCFS). Based on the sub interval average ranking method for nonagonal fuzzy number, we convert fuzzy number to crisp one. Numerical results reveal that the efficiency of this method. Intuitively, the fuzzy environment adapts well to a multiple channel queuing models (M/M/C) ( /FCFS) are very well.
2. International Journal of Advanced Research in Management (IJARM), ISSN 0976 – 6324 (Print),
ISSN 0976 – 6332 (Online), Volume 3, Issue 2, July-December (2012)
analyze in adopting cloud computing technologies along with the actual needs, requirements and
expectations of the MSMEs for cloud computing services.
Cloud computing emerged from so called distributed computing and grid computing. Here the
user can access any service which he/she wants for a specific task and for a specific amount of
time [1]. Cloud computing provides us with a facility of sharing and interoperating the resources
between different users and the systems being owned by the organizations. Security is a major
hindrance in such type of systems because if the users are storing their data in a remote location
owned by an unknown person and an organization then their data is not protected. Members
communicating to each other should have a good level of trust so as to share the data and resource
with each other.
In actual scenario, the cloud is the concept of virtualizing the local system of the user using
remote cloud operating system to get a virtual desktop with a specific or a choice of operating
systems to choose of operating systems to choose and to store the personal data and execute the
application from anywhere. The customers or the user purchase the computing power depending
on their demand and are not concerned with the underlying technologies used. The resources used
and data accessed are owned by a third party and operated by them. This third party may not be
located in the same area the user lives may be in the state or country.
II. CLOUD STRUCTURE AND TYPES
Public cloud: It is basically used by lot of users in the whole world and the security
aspects act as utmost hindrance in such situations. It is basically a pay per use model in which
users pay as per their use which becomes very useful and cost effective for the companies they
are working for and for themselves.
Private Cloud: In private cloud we get additional benefits like additional security as the
company has the server at its end. As a way to exercise greater control over security and
application availability, some enterprises are moving toward building private clouds. With the
right approach and expertise in place, this type of setup can offer the best of both worlds: the
cost-effectiveness of cloud computing and the assurance that comes with the ability to manage
data and applications more closely.
Hybrid cloud: It provides services by combining private and public clouds that have been
integrated to optimize service. The promise of the hybrid cloud is to provide the local data
benefits of the private clouds with the economies, scalability, and on-demand access of the
public cloud. The hybrid cloud remains somewhat undefined because it specifies a midway point
between the two ends of the continuum of services provided strictly over the Internet and those
provided through the data centre or on the desktop. [2]
22
3. International Journal of Advanced Research in Management (IJARM), ISSN 0976 – 6324 (Print),
ISSN 0976 – 6332 (Online), Volume 3, Issue 2, July-December (2012)
III. MODELS OF CLOUD COMPUTING
A. Model 1:Infrastructure as a service(Iaas)
The key aspects of IT infrastructure, hardware, facilities, and administration have traditionally
been the domain of IT departments within each company. Dedicated personnel install and
configure servers, routers, firewalls, and other devices in support of their respective employers.
This equipment requires dedicated housing as well as environmental controls, emergency power,
and security systems to keep it functioning properly. Finally, every company allocates additional
space where IT personnel work to support the infrastructure that is in place. Every aspect of IT
infrastructure has evolved on its own, yet-until now - has not moved toward integration. For
example, a company purchases software it needs and then purchases a server to run it. If data
storage is necessary for files or databases, disk arrays and hard drives are added into the mix to
accommodate the needs of the company. A local network is maintained to provide employees
access to IT resources, and high speed internet connectivity for voice and data is added to the
company account as necessary. Practically speaking, each IT system has its own management
system, with some systems requiring the addition of a specialized worker to the staff.
Infrastructure as a service takes the traditional components of IT infrastructure, takes them off
site, and offers them in one unified, scalable package to companies who can manage them
through one management interface. Infrastructure as a service results in IT services that easily
conform to the changing requirements of a business. Because the infrastructure does not reside
on the premises, obsolete equipment, upgrades, and retrofits no longer play a role in the
company's decision to adopt new technology [3]. The IaaS provider takes care of that seamlessly
allowing the business to focus on its mission .Cost effectiveness augments the convenience of
IaaS. Because the IaaS provider has massive platforms segmented for each customer, the
economies of scale are enormous, providing significant cost savings through efficiency. The
need for every company to maintain its own infrastructure is eliminated through IaaS. The power
of IaaS brings the resources needed to service government and enterprise contracts to businesses
of every size. IaaS improves reliability because service providers have specialized workers that
ensure nearly constant uptime and state-of-the-art security measures. Infrastructure as a Service
is a form of hosting. It includes network access, routing services and storage. The IaaS provider
will generally provide the hardware and administrative services needed to store applications and
a platform for running applications. Scaling of bandwidth, memory and storage are generally
included, and vendors compete on the performance and pricing offered on their dynamic
services. IaaS can be purchased with either a contract or on a pay-as-you-go basis. However,
most buyers consider the key benefit of IaaS to be the flexibility of the pricing, since you should
only need to pay for the resources that your application delivery requires [4].
B. Model 2:Software as a Service(SaaS)
Software is ubiquitous in today’s business world, where software applications can help us track
shipments across multiple countries, manage large inventories, train employees, and even help us
form good working relationships with customers. For decades, companies have run software on
their own internal infrastructures or computer networks. In recent years, traditional software
license purchases have begun to seem antiquated, as many vendors and customers have migrated
to software as a service business model. Software as a service, or 'SaaS', is a software application
23
4. International Journal of Advanced Research in Management (IJARM), ISSN 0976 – 6324 (Print),
ISSN 0976 – 6332 (Online), Volume 3, Issue 2, July-December (2012)
delivery model by which an enterprise vendor develops a web-based software application, and
then hosts and operates that application over the Internet for use by its customers. Customers do
not need to buy software licenses or additional infrastructure equipment, and typically only pay
monthly fees (also referred to as annuity payments) for using the software. It is important to note
that SaaS typically encapsulates enterprise as opposed to consumer-oriented web-hosted
software, which is generally known as web 2.0. According to a leading research firm, the SaaS
market reached $6.3B in 2006; still a small fraction of the over $300B licensed software
industry. However, growth in SaaS since 2000 has averaged 26% CAGR, while licensed
software growth has remained relatively flat. Demand for SaaS is being driven by real business
needs — namely its ability to drive down IT-related costs, decrease deployment times, and foster
innovation [5]. Both public and private cloud models are now in use. Available to anyone with
Internet access, public models include Software as a Service (SaaS) clouds like IBM
LotusLive™, Platform as a Service (PaaS) clouds such as IBM Computing on Demand™, and
Security and Data Protection as a Service (SDPaaS) clouds like the IBM Vulnerability
Management Service. Private clouds are owned and used by a single organization. They offer
many of the same benefits as public clouds, and they give the owner organization greater
flexibility and control. Furthermore, private clouds can provide lower latency than public clouds
during peak traffic periods. Many organizations embrace both public and private cloud
computing by integrating the two models into hybrid clouds. These hybrids are designed to meet
specific business and technology requirements, helping to optimize security and privacy with a
minimum investment in fixed IT costs.
All these services are cost effective but have a lot of issues regarding security and backup.
Depending upon the implementation and platform needed the central server can send the request
to the respective server.
IV. REQUIREMENTS OF SECURITY
It gives a general description of security services and related mechanisms, which can be ensured
by the Reference Model, and of the positions within the Reference Model where the services and
mechanisms may be provided. Extends the field of application of ISO 7498 [6] to cover secure
communications between open systems. Adds to the concepts and principles included in ISO
7498 but does not modify them. In the fig 1, we have showed how the requirements are fulfilled
in our proposed system.
a. Authentication and Authorisation
User can be identified in this model as we are using the SSL security for that purpose. A
governance body is acting as an interface between the user and the cloud servers. There will be
encryption between the user and central server and between the central server and cloud of
servers. User details will be stored within the central server in the form of UserID etc and
validation will be done accordingly. Hence the requirement is fulfilled in this. Authorization is
not a big issue in private cloud because the system administrator can look into it by granting
access only to those who are authorized to access the data. Whereas in public cloud it will
become more hectic due to requests from normal users have to be taken into considerations.
Privileges over the process flow have to be considered as the control may flow from one server
24
5. International Journal of Advanced Research in Management (IJARM), ISSN 0976 – 6324 (Print),
ISSN 0976 – 6332 (Online), Volume 3, Issue 2, July-December (2012)
to another. Respective UserID will be saved in the central servers after the registration and
authorization can be done easily as the respective rights can be stated there.
b. Confidentiality
Confidentiality plays a very important role as the data has to be secure and should not be reviled
anywhere. This can be achieved in this system as we have used Dual SSL technology. User’s
data, profiles etc have to be maintained and as they are virtually accessed various protocols
(security) have to be enforced. If we standardize the whole cluster of a particular sector then it
can be easily imposed. With regard to data-in-transit, the primary risk is in not using a vetted
encryption algorithm. Although this is obvious to information security professionals, it is not
common for others to understand this requirement when using a public cloud, regardless of
whether it is IaaS, PaaS or SaaS. It is also important to ensure that a protocol provides
confidentiality as well as integrity (e.g., FTP over SSL [FTPS], Hypertext Transfer Protocol
Secure [HTTPS], and Secure Copy Program [SCP])—particularly if the protocol is used for
transferring data across the Internet. Merely encrypting data and using a non-secured protocol
(e.g., “vanilla” or “straight” FTP or HTTP) can provide confidentiality, but does not ensure the
integrity of the data (e.g., with the use of symmetric streaming ciphers) [6].
c. Integrity
Integrity is maintained as the hashing is done in SSL technology. The major drawback in case of
this technology is the excessive redundant data due to which the bandwidth is used up and the
packet size is increased. From a privacy and confidentiality perspective, the terms of service may
be the most important feature of cloud computing for an average user who is not subject to a
legal or professional obligation. It is common for a cloud provider to offer its facilities to users
without individual contracts and subject to the provider’s published terms of service. A provider
may offer different services, each of which has distinct terms of service. A cloud provider may
also have a separate privacy policy. It is also possible for a cloud provider to conduct business
with users subject to specific contractual agreements between the provider and the user that
provides better protections for users. The contractual model is not examined further here. If the
terms of service give the cloud provider rights over a user’s information, then a user is likely
bound by those terms. A cloud provider may acquire through its terms of service a variety of
rights, including the right to copy, use, change, publish, display, distribute, and share with
affiliates or with the world the user’s information. There may be few limits to the rights that a
cloud provider may claim as a condition of offering services to users. Audits and other data
integrity measures may be important if a user’s local records differ from the records maintained
on the user’s behalf by a cloud provider.
d. Availability
Another issue is availability of the data when it is requested via authorized users. The most
powerful technique is prevention through avoiding threats affecting the availability of the service
or data. It is very difficult to detect threats targeting the availability. Threats targeting availability
can be either Network based attacks such as Distributed Denial of Service (DDoS) attacks or
CSP availability. For example, Amazon S3 suffered from two and a half hours outage in
February 2008 and eight hours outage in July 2008. In the next section, we will discuss the
identity and access management practices of the cloud computing by tackling some protocols
25
6. International Journal of Advanced Research in Management (IJARM), ISSN 0976 – 6324 (Print),
ISSN 0976 – 6332 (Online), Volume 3, Issue 2, July-December (2012)
such as Security assertion Markup Language (SAML), Open Authentication (OAuth) protocol
and a comparison between these two techniques to conclude the best solution.
e. Non-repudiation
Non-repudiation is the requirement which states that if a sender is sending the data to the other
end. In our proposed system this requirement is fulfilled by the middle server because it has the
routing table as well as the table of content of all the servers in the cloud with corresponding
server ID, name, location etc. Due to the routing table’s entry of server ip, receiver and sender ip
we can state that if the user has sent the request he cannot deny it and if receiver gives
acknowledgement or response he also cannot deny of giving it.
f. Backup and Disaster Recovery
A cloud may be used for production operations, so it is important to have a backup and disaster
recovery policy in place. The backup policy should define what data is backed up, how long
backups are kept, as well as costs associated with those services. Similarly, in the event of a
catastrophic failure of a private cloud, a failover plan should be in place. This plan may include
using multiple data centers to host a private cloud or running jobs in a more conventionally
organized cluster environment with manual management of jobs. The details of how to
implement backup and disaster recovery will vary by your needs and resources, but it is essential
for business continuity planning to have some policy in place [8].
V. USE OF PROPOSED MODEL
In the proposed system we have introduced an idea in which we have defined a central server
which will be having a router table which contains cloud Id, the corresponding user Id , the
actual server Id to which the user is connecting to. The source ip and the destination ip also have
been put into the table.
Figure 1. Architecture Diagram of proposed model
26
7. International Journal of Advanced Research in Management (IJARM), ISSN 0976 – 6324 (Print),
ISSN 0976 – 6332 (Online), Volume 3, Issue 2, July-December (2012)
TABLE I. ROUTING TABLE
UID SID Source IP Destn IP
12017 2747 191.268.67.67 101.123.22.25
86770 2967 111.125.25.23 102.124.12.35
Time Cloud ID Packet Server Lease Time
Size Name
500mins 222 437kb ABC 30mins
800mins 266 128kb XYZ 18mins
It also contains the actual amount of data flow that is the packets per second transfer rate. On the
user end there will be personal firewall and the connectivity between the user and the central
server will be encrypted using SSL encryption standards that are regularly used now-a-days.
Again at the Central server’s end there will be an application level firewall which will check
whether the packets are malicious or not. Application-level firewalls (sometimes called proxies)
have been looking more deeply into the application data going through their filters. Fig.2 shows
the architectural diagram of the proposed system. By considering the context of client requests
and application responses, these firewalls attempt to enforce correct application behavior, block
malicious activity and help organizations ensure the safety of sensitive information and systems.
They can log user activity too. Application-level filtering may include protection against spam
and viruses as well, and be able to block undesirable Web sites based on content rather than just
their IP address. [6] Further what we have suggested is to make a separate cluster of clouds for
banking sector, educational sector, government bodies (will not contain confidential data). The
user has a personal firewall at his end. The central server say for banks as an example consists of
a table which consists of the user ID, server id, its name and all the related information through
which a governance body can back track the server and the user. When a user tries to connect to
a particular server from the cloud then his/her user id sever id source ip and destination ip are
saved. The total time of synchronization, packet size being transferred server name and the total
lease time in case of a secure connection is saved in the table incase if the user is not able to
connect to a server i.e., if the ping shows connection time out we can easily track the server from
the central servers routing table. Even the user credentials and the session are secured by SSL
technology. Further we can achieve more security by clubbing different security algorithms with
SSL [9].
There is a secured connectivity between the user and the central server and between cloud’s
servers. Due to double encryption all the security requirements are fulfilled in this model.
Tracking the server is also simple because their will be a table which will help us know the cloud
id server name, server id and the corresponding organizations name whose server it is. So if the
server is not getting connected then we can track it. We also have to standardize all the servers in
the cloud for a particular sector like banking sector, the centralized banks and co-operative banks
27
8. International Journal of Advanced Research in Management (IJARM), ISSN 0976 – 6324 (Print),
ISSN 0976 – 6332 (Online), Volume 3, Issue 2, July-December (2012)
etc have to come together and use standardized protocols so as to achieve this proposal. Even by
standardizing in education sector we can achieve a common place to gain knowledge and we can
use the services as according. We have also included the routing table below which depicts the
actual scenario.
I. CONCLUSION
The model we have proposed is having its own advantages in case of security and backup. Due
to a middle server technology in between the user and the cloud server we can easily track the
user as well as the server in the cloud. We can also nexus both public cloud and private cloud
together in one with hybrid clouds. Due to SSL security the security parameters are also taken
into consideration. This model can help cloud computing and make it reach new ends.
REFERENCES
[1] Peter Mell and Tim Grance,”The NIST Definition of Cloud
Computing”http://csrc.nist.gov/groups/SNS/cloud-computing/
[2] Architectural Requirements Of The Hybrid Cloud Information Management Online,
February 10, 2010 Brian J. Dooley
[3] http://cloudstoragestrategy.com/2010/01/cloud-storage-for-the-enterprise---part-2-the-hybrid-
cloud.html By Steve Lesem on January 25, 2010
[4] R. Nicole, “Title of paper with only first word capitalized,” J. Name Stand. Abbrev., in press.
[5] http://www.wikinvest.com/concept/Software_as_a_Service
[6] Tim Mather, Subra Kumaraswamy, and Shahed Latif”Cloud Privacy and security” pp. 529–
551, September 2009: First Edition
[7] "IBM Point of View: Security and Cloud Computing"Cloud computing White paper
November 2009.
[8] Zhidong Shen,2010 2nd International Conference on Signal Processing Systems (ICSPS).
[9] Palivela Hemant, Hemant Wani “Development of Servers In Cloud Computin To Solve
Issues Related To Security And Backup” (CCIS-IEEE Conference.Beijing ,China).
28