TPA Auditing to Enhance the Privacy and Security in Cloud Systems

Over the last decade, many enterprises around the world migrating from traditional infrastructure to cloud resources in order to cut down operational and capital expenditure. With cloud computing, huge amount of data transactions is communicated between cloud consumers and cloud service providers. However, this cloud computing enables surplus security challenges associated to unauthorized access and data breaches. We proposed in this paper a trusted third-party auditor (TPA) model which uses lightweight cryptographic system and lightweight hashing technique to ensure data security and data integrity to audit the cloud users outsourced data from cloud service providers. With our proposed system, we solve the concern of data reliability using data correctness and verification analysis and error recovery analysis. The time complexity of our proposed system is less as compared with other TPA model. Our proposed system also shows resistance against various known cryptanalytic attacks, the performance and extensive compression technique of our proposed system are probably secure and highly proficient.

Download Full-text

Secure and Selective Cloud Data Auditing using Deep Machine Learning

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.b2361.129219 ◽

2019 ◽

Vol 9 (2) ◽

pp. 5471-5479

Keyword(s):

Machine Learning ◽

Cloud Computing ◽

Service Providers ◽

Cloud Service ◽

Third Party ◽

Cloud Data ◽

Data Centre ◽

Cloud Service Providers ◽

Characteristics Analysis ◽

Data Centres

The tradition of moving applications, data to be consumed by the applications and the data generated by the applications is increasing and the increase is due to the advantages of cloud computing. The advantages of cloud computing are catered to the application owners, application consumers and at the same time to the cloud datacentre owners or the cloud service providers also. Since IT tasks are vital for business progression, it for the most part incorporates repetitive or reinforcement segments and framework for power supply, data correspondences associations, natural controls and different security gadgets. An extensive data centre is a mechanical scale task utilizing as much power as a community. The primary advantage of pushing the applications on the cloud-based data centres are low infrastructure maintenance with significant cost reduction for the application owners and the high profitability for the data centre cloud service providers. During the application migration to the cloud data centres, the data and few components of the application become exposed to certain users. Also, the applications, which are hosted on the cloud data centres must comply with the certain standards for being accepted by various application consumers. In order to achieve the standard certifications, the applications and the data must be audited by various auditing companies. Few of the cases, the auditors are hired by the data centre owners and few of times, the auditors are engaged by application consumers. Nonetheless, in both situations, the auditors are third party and the risk of exposing business logics in the applications and the data always persists. Nevertheless, the auditor being a third-party user, the data exposure is a high risk. Also, in a data centre environment, it is highly difficult to ensure isolation of the data from different auditors, who may not be have the right to audit the data. Significant number of researches have attempted to provide a generic solution to this problem. However, the solutions are highly criticized by the research community for making generic assumptions during the permission verification process. Henceforth, this work produces a novel machine learning based algorithm to assign or grant audit access permissions to specific auditors in a random situation without other approvals based on the characteristics of the virtual machine, in which the application and the data is deployed, and the auditing user entity. The results of the proposed algorithm are highly satisfactory and demonstrates nearly 99% accuracy on data characteristics analysis, nearly 98% accuracy on user characteristics analysis and 100% accuracy on secure auditor selection process

Download Full-text

Identifying and Isolating Zombie Attack in Cloud Computing

Asian Journal of Research in Computer Science ◽

10.9734/ajrcos/2020/v6i230157 ◽

2020 ◽

pp. 46-56

Author(s):

Peter Awon-natemi Agbedemnab ◽

Salifu Abdul-Mumin ◽

Zakaria Abdulrahim

Keyword(s):

Cloud Computing ◽

Virtual Machine ◽

Network Performance ◽

Service Providers ◽

Cloud Service ◽

Third Party ◽

Security Attacks ◽

Cloud Architecture ◽

Legitimate User ◽

Cloud Service Providers

The cloud computing architecture is a berth in which third party, virtual machine and cloud service providers are involved in data uploading and downloading. A major challenge in this architecture, however, is the security of the data as there exist various forms of attacks from malicious peopleand devices. Among these security attacks, the zombie attack is the most advance type of attack. The zombie attack reduces network performance in terms of delay and bandwidth consumption. With zombie attack, some malicious users may join the network which, in turn takes off the data of legitimate users and at the same time enable zombie nodes to communicate with a virtual machine on behalf of the legitimate user. In this paper, a technique based on strong authentication which, is able to detect malicious users from a network and isolates them from the cloud architecture is proposed.

Download Full-text

SECURITY IN CLOUD COMPUTING IN INDIAN GOVERNMENT

INTERNATIONAL JOURNAL OF NEXT-GENERATION COMPUTING ◽

10.47164/ijngc.v12i3.808 ◽

2021 ◽

Vol 12 (3) ◽

Author(s):

Nitin Vishnu Choudhari ◽

Dr. Ashish B Sasankar

Keyword(s):

Cloud Computing ◽

Service Delivery ◽

Service Providers ◽

Cloud Service ◽

Cloud Security ◽

End Users ◽

Security Architecture ◽

Security Measures ◽

End User ◽

Cloud Service Providers

Abstract –Today Security issue is the topmost problem in the cloud computing environment. It leads to serious discomfort to the Governance and end-users. Numerous security solutions and policies are available however practically ineffective in use. Most of the security solutions are centered towards cloud technology and cloud service providers only and no consideration has been given to the Network, accessing, and device securities at the end-user level. The discomfort at the end-user level was left untreated. The security of the various public, private networks, variety of devices used by end-users, accessibility, and capacity of end-users is left untreated. This leads towards the strong need for the possible modification of the security architecture for data security at all levels and secured service delivery. This leads towards the strong need for the possible adaption of modified security measures and provisions, which shall provide secured hosting and service delivery at all levels and reduce the security gap between the cloud service providers and end-users. This paper investigates the study and analyze the security architecture in the Cloud environment of Govt. of India and suggest the modifications in the security architecture as per the changing scenario and to fulfill the future needs for the secured service delivery from central up to the end-user level. Keywords: Cloud Security, Security in GI Cloud, Cloud Security measures, Security Assessment in GI Cloud, Proposed Security for GI cloud

Download Full-text

АНАЛИЗ ПОДХОДОВ К ОБЕСПЕЧЕНИЮ БЕЗОПАСНОСТИ ОБЛАЧНЫХ СЕРВИСОВ

RADIOELECTRONIC AND COMPUTER SYSTEMS ◽

10.32620/reks.2020.1.07 ◽

2020 ◽

pp. 70-82

Author(s):

Вячеслав Вікторович Фролов

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Geographical Location ◽

Cloud Service ◽

Cloud Services ◽

Cloud Infrastructure ◽

Critical System ◽

Cloud Service Providers ◽

Safety And Reliability ◽

Cloud Resources

The article is devoted to the analysis of modern approaches that ensure the security of cloud services. Since cloud computing is one of the fastest growing areas among information technology, it is extremely important to ensure the safety and reliability of processes occurring in the clouds and to secure the interaction between the client and the provider of cloud services. Given that fears about data loss and their compromise are one of the main reasons that some companies do not transfer their calculations to the clouds. The object of research and analysis of this work are cloud services, which are provided by various cloud service providers. The aim of the study of this work is to compare existing approaches that provide information security for cloud services, as well as offer a new approach based on the principle of diversity. There are many approaches that ensure their safety, using both traditional and cloud-specific. The multi-cloud approach is one of the most promising strategies for improving reliability by reserving cloud resources on the servers of various cloud service providers. It is shown that it is necessary to use diversity to ensure the reliability and safety of critical system components. The principle of diversity is to use a unique version of each resource thanks to a special combination of a cloud computing provider, the geographical location of data centers, cloud service presentation models, and cloud infrastructure deployment models. The differences between cloud providers and which combination of services are preferable to others in terms of productivity are discussed in detail. In addition, best practices for securing cloud resources are reviewed. As a result, this paper concludes that there is a problem of insufficient security and reliability of cloud computing and how to reduce threats in order to avoid a common cause failure and, as a result, loss of confidential data or system downtime using diversity of cloud services.

Download Full-text

Dear Cloud, I Think We Have Trust Issues: Cloud Computing Contracts and Trust

Palgrave Studies in Digital Business & Enabling Technologies - Data Privacy and Trust in Cloud Computing ◽

10.1007/978-3-030-54660-1_2 ◽

2020 ◽

pp. 21-42

Author(s):

Theo Lynn

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Standard Form ◽

Cloud Service ◽

Contract Law ◽

Cloud Service Provider ◽

Internet Users ◽

Cloud Service Providers ◽

The Relationship ◽

Dominant Paradigm

Abstract Cloud computing is the dominant paradigm in modern computing, used by billions of Internet users worldwide. It is a market dominated by a small number of hyperscale cloud service providers. The overwhelming majority of cloud customers agree to standard form click-wrap contracts, with no opportunity to negotiate specific terms and conditions. Few cloud customers read the contracts that they agree to. It is clear that contracts in cloud computing are primarily an instrument of control benefiting one side, the cloud service provider. This chapter provides an introduction to the relationship between psychological trust, contracts and contract law. It also offers an overview of the key contract law issues that arise in cloud computing and introduces some emerging paradigms in cloud computing and contracts.

Download Full-text

Improvement of Privacy and Security in Hybrid Cloud with Attribute Group Based Access Control

International Journal of Scientific Research in Computer Science Engineering and Information Technology ◽

10.32628/cseit19518 ◽

2019 ◽

pp. 57-61

Author(s):

Kayalvili S ◽

Sowmitha V

Keyword(s):

Cloud Computing ◽

Access Control ◽

Data Storage ◽

Service Providers ◽

Cloud Service ◽

Security Requirements ◽

Security And Privacy ◽

Data Outsourcing ◽

Privacy And Security ◽

Control Approach

Cloud computing enables users to accumulate their sensitive data into cloud service providers to achieve scalable services on-demand. Outstanding security requirements arising from this means of data storage and management include data security and privacy. Attribute-based Encryption (ABE) is an efficient encryption system with fine-grained access control for encrypting out-sourced data in cloud computing. Since data outsourcing systems require flexible access control approach Problems arises when sharing confidential corporate data in cloud computing. User-Identity needs to be managed globally and access policies can be defined by several authorities. Data is dual encrypted for more security and to maintain De-Centralization in Multi-Authority environment.

Download Full-text

RVLBPNN: A Workload Forecasting Model for Smart Cloud Computing

Scientific Programming ◽

10.1155/2016/5635673 ◽

2016 ◽

Vol 2016 ◽

pp. 1-9 ◽

Cited By ~ 13

Author(s):

Yao Lu ◽

John Panneerselvam ◽

Lu Liu ◽

Yan Wu

Keyword(s):

Neural Network ◽

Cloud Computing ◽

Prediction Model ◽

Prediction Accuracy ◽

Service Providers ◽

Cloud Service ◽

Backpropagation Neural Network ◽

Environmental Implications ◽

Cloud Service Providers ◽

Cloud Workloads

Given the increasing deployments of Cloud datacentres and the excessive usage of server resources, their associated energy and environmental implications are also increasing at an alarming rate. Cloud service providers are under immense pressure to significantly reduce both such implications for promoting green computing. Maintaining the desired level of Quality of Service (QoS) without violating the Service Level Agreement (SLA), whilst attempting to reduce the usage of the datacentre resources is an obvious challenge for the Cloud service providers. Scaling the level of active server resources in accordance with the predicted incoming workloads is one possible way of reducing the undesirable energy consumption of the active resources without affecting the performance quality. To this end, this paper analyzes the dynamic characteristics of the Cloud workloads and defines a hierarchy for the latency sensitivity levels of the Cloud workloads. Further, a novel workload prediction model for energy efficient Cloud Computing is proposed, named RVLBPNN (Rand Variable Learning Rate Backpropagation Neural Network) based on BPNN (Backpropagation Neural Network) algorithm. Experiments evaluating the prediction accuracy of the proposed prediction model demonstrate that RVLBPNN achieves an improved prediction accuracy compared to the HMM and Naïve Bayes Classifier models by a considerable margin.

Download Full-text

Examining Communication Technologies of IoT for Best QoS

Advances in Wireless Technologies and Telecommunication - Examining Cloud Computing Technologies Through the Internet of Things ◽

10.4018/978-1-5225-3445-7.ch014 ◽

2018 ◽

pp. 264-276

Author(s):

Jayashree K ◽

Babu R ◽

Chithambaramani R

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Cloud Service ◽

Communication Technologies ◽

Industry Sector ◽

Cloud Service Providers ◽

The Internet Of Things ◽

Excessive Number ◽

The Web

The Internet of Things (IoT) architecture has gained an increased amount of attention from academia as well as the industry sector as a significant methodology for the development of innovative applications and systems. Currently, the merging of this architecture with that of Cloud computing has been largely motivated by the need for various applications and infrastructures in IoT. In addition to this, the Cloud ascends as an eminent solution that would help solve various challenges that are faced by the IoT standard when varied physical devices. There are an excessive number of Cloud service providers the web along with many other services. Thus, it becomes critical to choose the provider who can be efficient, consistent, and suitable, and who can deliver the best Quality of Service (QoS). Thus, this chapter discusses QoS for cloud computing and IoT.

Download Full-text

Security Aspects in Cloud Computing

Cyber Security and Threats ◽

10.4018/978-1-5225-5634-3.ch004 ◽

2018 ◽

pp. 54-76

Author(s):

Tabassum N. Mujawar ◽

Ashok V. Sutagundar ◽

Lata L. Ragha

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Cloud Service ◽

Third Party ◽

Storage Security ◽

Security Issues ◽

Access Control Mechanism ◽

And Storage ◽

Privacy Issues ◽

Different Levels

Cloud computing is recently emerging technology, which provides a way to access computing resources over Internet on demand and pay per use basis. Cloud computing is a paradigm that enable access to shared pool of resources efficiently, which are managed by third party cloud service providers. Despite of various advantages of cloud computing security is the biggest threat. This chapter describes various security concerns in cloud computing. The clouds are subject to traditional data confidentiality, integrity, availability and various privacy issues. This chapter comprises various security issues at different levels in environment that includes infrastructure level security, data level and storage security. It also deals with the concept of Identity and Access Control mechanism.

Download Full-text

An Analysis on the Terms and Conditions of the Clickwrap Agreement and the Benefits of Maintaining the Click Wrap Agreement in Cloud Computing

10.4018/978-1-7998-7927-5.ch010 ◽

2022 ◽

pp. 205-224

Author(s):

Dhiviya Ram

Keyword(s):

Cloud Computing ◽

Service Provider ◽

Service Providers ◽

Cloud Service ◽

Cloud Services ◽

End User ◽

Cloud Service Provider ◽

Novel Approach ◽

Cloud Service Providers ◽

Provider Perspective

One of the most unique forms of contracting is apparent in cloud computing. Cloud computing, unlike other conventional methods, has adopted a different approach in the formation of binding contract that will be used for the governance of the cloud. This method is namely the clickwrap agreement. Click wrap agreement follows a take it or leave it basis in which the end users are provided with limited to no option in terms of having a say on the contract that binds them during the use of cloud services. The terms found in the contract are often cloud service provider friendly and will be less favourable to the end user. In this article, the authors examine the terms that are often found in the cloud computing agreement as well as study the benefit that is entailed in adopting this contracting method. This chapter has undertaken a qualitative study that comprises interviews of cloud service providers in Malaysia. Hence, this study is a novel approach that also provides insight in terms of the cloud service provider perspective regarding the click wrap agreement.

Download Full-text