Cloud computing security: protecting cloud-based smart city applications

2016 ◽  
Vol 2 (1) ◽  
Author(s):  
Alkiviadis Giannakoulias
Keyword(s):  
Cloud Computing ◽  
Public Sector ◽  
Service Provider ◽  
Key Management ◽  
Cloud Service ◽  
Transport Layer ◽  
Cloud Infrastructure ◽  
Security Issues ◽  
Standards Compliance ◽  
Security Standards

Data security is a major concern in cloud computing environments as they provide much scope for intruders to attack. Data centres in cloud environments hold valid information that end-users would conventionally have stored on their computers. Moving information towards centralised services may have an adverse effect on the security of users’ interactions with files kept in cloud cupboard spaces[1], for example accidental or deliberate alterations or deletions of information from the cloud server by the Cloud Service Provider (CSP). This necessitates the deployment of some sort of mechanism to ensure the safety of information integrity[2]. Public sector organisations have much to gain by adopting a cloud computing approach to service delivery in their ICT environments. However, these benefits must be reaped without compromising core requirements and institutional values.This paper focuses on the security issues that may arise when public sector organisations consider transitioning to an Open Source Software (OSS) Infrastructure as a Service (IaaS) Cloud Infrastructure (OpenStack), although the same issues are likely to be found in other OSS cloud computing software like Apache CloudStack[3], Eucalyptus[4], and OpenNebula[5]. We examine legal implications, regulatory and standards compliance, new attack vectors resulting from vulnerabilities coming from virtualisation technologies, data integrity issues such as encryption and access controls, and security checks to be performed on the services prior to their movement to the cloud. In addition, some of the most important security threats in cloud computing are presented, followed by key recommendations on how to address them, namely security standards and certifications, service provider auditing, secure APIs, transport layer protection, authentication and encryption key management, and cloud service agreements.

An examination on data integrity auditing patterns in cloud computing

2018 ◽  
Vol 7 (1.9) ◽  
pp. 200
Author(s):  
T A.Mohanaprakash ◽  
J Andrews
Keyword(s):  
Cloud Computing ◽  
Information Security ◽  
Data Integrity ◽  
Cloud Service ◽  
New Approach ◽  
Computing Services ◽  
Security Challenges ◽  
Cloud Server ◽  
State Of Affairs ◽  
Dynamic Updates

Cloud computing is associate inclusive new approach on however computing services square measure made and utilized. Cloud computing is associate accomplishment of assorted styles of services that has attracted several users in today’s state of affairs. The foremost enticing service of cloud computing is information outsourcing, because of this the information homeowners will host any size of information on the cloud server and users will access the information from cloud server once needed. A dynamic outsourced auditing theme that cannot solely defend against any dishonest entity and collision, however conjointly support verifiable dynamic updates to outsourced information. The new epitome of information outsourcing conjointly faces the new security challenges. However, users might not totally trust the cloud service suppliers (CSPs) as a result of typically they may be dishonest. It's tough to work out whether or not the CSPs meet the customer’s expectations for information security. Therefore, to with success maintain the integrity of cloud information, several auditing schemes are projected. Some existing integrity ways will solely serve for statically archived information and a few auditing techniques is used for the dynamically updated information. The analyzed numerous existing information integrity auditing schemes together with their consequences.

scholarly journals USE OF ONTOLOGIES IN MAPPING OF INFORMATION SECURITY REQUIREMENTS / ONTOLOGIJOS NAUDOJIMAS INFORMACIJOS SAUGUMO REIKALAVIMAMS SUSIET

2013 ◽  
Vol 5 (2) ◽  
pp. 88-91
Author(s):  
Simona Ramanauskaitė ◽  
Eglė Radvilė ◽  
Dmitrij Olifer
Keyword(s):  
Information Security ◽  
Best Practices ◽  
Security Requirements ◽  
Security Standards

A large amount of different security documents, standards, guidelines and best practices requires to ensure mapping between different security requirements. As the result of mapping, security requirements of different standards can coincide or require to be amended or harmonised. This is the reason why it is so difficult to map more than two different security documents. Ontologies can be used to solve this issue. The article offers a review of different security documents and ontology types as well as investigates possible use of ontologies for mapping of security standards. Article in Lithuanian Santrauka Esant daugybei informacijos saugą reglamentuojančių dokumentų, gairių ir standartų, aktualu tarpusavyje susieti juose apibrėžtus saugumo reikalavimus. Skirtinguose saugos dokumentuose aprašyti saugumo reikalavimai gali ne tik sutapti arba papildyti vienas kitą, bet ir prieštarauti vienas kitam. Tai labai apsunkina daugiau negu dviejų informacijos saugą reglamentuojančių dokumentų susiejimą. Vienas būdų susieti daugiau negu du saugą reglamentuojančius dokumentus galėtų būti ontologijos naudojimas. Straipsnyje apžvelgiami šiuo metu pagrindiniai saugą reglamentuojantys standartai, egzistuojančios saugumo ontologijos, išnagrinėta galimybė naudoti ontologiją saugą reglamentuojančių dokumentų reikalavimams susieti ir galimybę tokį susiejimą atvaizduoti grafais.

Foundations of Cloud Computing and Information Security

2019 ◽  
pp. 13-48
Author(s):  
Naresh Kumar Sehgal ◽  
Pramod Chandra P. Bhatt ◽  
John M. Acken
Keyword(s):  
Cloud Computing ◽  
Information Security

scholarly journals AES Cryptograph for Secure Cloud Storage

2019 ◽  
Vol 8 (6S3) ◽  
pp. 1373-1376
Keyword(s):  
Cloud Computing ◽  
Information Security ◽  
Cloud Storage ◽  
Short Message Service ◽  
Short Message ◽  
Security And Protection ◽  
Message Service ◽  
Secure Cloud Storage ◽  
Cloud Condition

In cloud computing disseminated assets are shared by means of system in open condition. Subsequently client can without much of a stretch access their information from anyplace. Simultaneously exist protection and security problems because of numerous causes. Initial one is emotional improvement in system advances. Another is expanded interest for computing assets, which make numerous associations to reappropriate their information stockpiling. So there is a requirement for secure cloud stockpiling administration in open cloud condition where the supplier isn't a confided in one. Our research tends to various information security and protection assurance problems in a cloud computing condition and suggests a technique for giving diverse security administrations like validation, approval and classification alongside checking in postponement. 128 piece Advanced Cryptograph Standard (AES) is utilized to increment information security and classification. In this supported methodology information is encoded utilizing AES and afterward transferred on a cloud. The supported model uses Short Message Service (SMS) ready instrument with keeping away from unapproved access to client information.

Sign in / Sign up

Export Citation Format

Share Document