Perception of Security Issues in the Development of Cloud-IoT Systems by a Novice Programmer

It is very hard (or ineffective) to take an old system and add to it security features like plug-ins. Therefore, a computer system is much more reliable designed with the approach of security-by-design. Nowadays, there are several tools, middlewares, and platforms designed with this concept in mind, but they must be appropriately used to guarantee a suitable level of reliability and safety. A security-by-design approach is fundamental when creating a distributed application in the IoT field, composed of sensors, actuators, and cloud services. The IoT usually requires handling different programming languages and technologies in which a developer might not be very expert. Through a use case, we analyzed the security of some IoT components of Amazon Web Services (AWS) from a novice programmer’s point of view. Even if such a platform could be secure by itself, a novice programmer could do something wrong and leave some possible attack points to a malicious user. To this end, we also surveyed a small pool of novice IoT programmers from a consulting engineering company. Even if we discovered that AWS seems quite robust, we noticed that some common security concepts are often not clear or applied, leaving the door open to possible issues.

Download Full-text

Security and Safety in Amazon EC2 Service – A Research on EC2 Service AMIs

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.f1149.0486s419 ◽

2019 ◽

Vol 8 (6S4) ◽

pp. 736-738 ◽

Cited By ~ 4

Keyword(s):

Virtual Machine ◽

Best Practice ◽

Multinational Companies ◽

Cloud Services ◽

Security Risks ◽

Security Issues ◽

Virtual Images ◽

Open Standard ◽

Amazon Web Services ◽

Amazon Ec2

There are some multinational companies available in the market to provide cloud services such as Amazon Web Services, Microsoft Azure, and IBM Smart Cloud and so on. Nowadays an organization need to work on different technologies, it need not to install the technologies, it can simply acquire the technology available in online as a service.It is the best practice in the cloud based services that it allows the users to make their own exceptional unprecedented virtual images and share them to with various customers in a comparative cloud. Close to these customer shared virtual pictures, the cloud serviceproviders will in like manner give the virtual pictures that have been preconfigured with open source database and web server to orchestrate our stray pieces. In this paper, we had made an examination to check the general security risks related with the usage of virtual machine pictures from the uninhibitedly available inventories of cloud master affiliations. In adjusted, we had managed the open standard virtual pictures that are existed on the Amazon EC2 association. We analyzed the security issues of the virtual pictures which are available on the Amazon EC2 Cluster as the open AMI (Amazon Machine Images).

Download Full-text

Secured Access and Security Issues of Maintenance for Cloud Database

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.e2712.049620 ◽

2020 ◽

Vol 9 (4) ◽

pp. 2134-2138

Keyword(s):

Point Of View ◽

Cloud Services ◽

Data Confidentiality ◽

Keystroke Dynamics ◽

Color Code ◽

Major Barrier ◽

Security Issues ◽

Cloud Database ◽

Cloud Databases ◽

Different Levels

Users are using the cloud database services for storing there important data in order to utilized cloud services. Data confidentiality remains one of the main concerns and the major barrier to the development of cloud services. But at the same time users also think about “whether there data is in secured hands and how it is protected from the outside world?” In order to make sure users that there data is in safe hands, cloud database are using more secured mechanism for accessing the cloud database. In order to achieve the goal of security we are using AES and honey encryption (HE) algorithm for strong authorization. Before authorization we need to have authentication of the users. We are using keystroke dynamics as a biometrics authentication and second one as color code authentication. Cloud databases should also be properly maintained from security point of view. For the different levels of the cloud database we have find out the security issues which provide help in maintenance of cloud database. By implementing these issues the security of the cloud database will be more increased.

Download Full-text

Prevention of Armed Attacks at Schools as a Part of Emergency Situations Didactics

Lifelong Learning ◽

10.11118/lifele2015050395 ◽

2015 ◽

Vol 5 (3) ◽

pp. 95-112

Author(s):

Miroslava Kovaříková

Keyword(s):

European Union ◽

School Management ◽

The European Union ◽

Security Risks ◽

Emergency Plans ◽

Security Issues ◽

Emergency Situations ◽

European Union Countries ◽

Perception Of Security ◽

Technical And Organizational Measures

This article deals with the issue of security management and its following application in education. The article focuses on the topic of armed attacks at schools. Based on a research probe aimed at teachers which focused on perception of security risks, there are chosen areas to which Central emergency system services should react. Further, knowledge of technical and organizational measures of emergency plans in the organization and the level of attention paid to this issue by the school management were investigated. In the text there are also international models of solutions of this issue introduced. The contribution also brings outline of how is the issue solved in the European Union countries, in particular in the Kingdom of Spain. Experience with the solution of security issues of schools in Latin America are also mentioned. In the conclusion the summary of measures for improvement of security at schools is presented.

Download Full-text

HPC Cloud Architecture to Reduce HPC Workflow Complexity in Containerized Environments

Applied Sciences ◽

10.3390/app11030923 ◽

2021 ◽

Vol 11 (3) ◽

pp. 923

Author(s):

Guohua Li ◽

Joon Woo ◽

Sang Boem Lim

Keyword(s):

High Performance ◽

Cloud Services ◽

Workload Management ◽

Job Management ◽

Security Issues ◽

Cloud Architecture ◽

Management Efficiency ◽

Complexity Problem ◽

And Performance ◽

Hpc Cloud

The complexity of high-performance computing (HPC) workflows is an important issue in the provision of HPC cloud services in most national supercomputing centers. This complexity problem is especially critical because it affects HPC resource scalability, management efficiency, and convenience of use. To solve this problem, while exploiting the advantage of bare-metal-level high performance, container-based cloud solutions have been developed. However, various problems still exist, such as an isolated environment between HPC and the cloud, security issues, and workload management issues. We propose an architecture that reduces this complexity by using Docker and Singularity, which are the container platforms most often used in the HPC cloud field. This HPC cloud architecture integrates both image management and job management, which are the two main elements of HPC cloud workflows. To evaluate the serviceability and performance of the proposed architecture, we developed and implemented a platform in an HPC cluster experiment. Experimental results indicated that the proposed HPC cloud architecture can reduce complexity to provide supercomputing resource scalability, high performance, user convenience, various HPC applications, and management efficiency.

Download Full-text

Cloud computing security: a survey

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i2.21.12439 ◽

2018 ◽

Vol 7 (2.21) ◽

pp. 355

Author(s):

P Sheela Gowr ◽

N Kumar

Keyword(s):

Cloud Computing ◽

Information Flow ◽

Data Encryption ◽

Information Services ◽

Ease Of Use ◽

Cloud Services ◽

Authentication Scheme ◽

Data Confidentiality ◽

Cloud Computing Security ◽

Security Issues

Cloud computing was a hasting expertise which has innovated to a collection of new explores. A sub-ordinate device for Information services, it has an ability towards encourage development by feeding convenient environments for a choice of forms of development is different sequence. Clouds usually consider being eco-friendly, however keep it has open to the diversity of some security issues to can change together the feeder as well as users of these cloud services. In this issue are principally associated to the protection of the information flow throughout also being store in the cloud, with simple problems along with data ease of use, data right to use and data confidentiality. Data encryption and service authentication scheme has been initiated by the industries to deal with them. In this paper analyse and examine different issues on security beside with the different procedure worn by the industries to solve these effects.

Download Full-text

Protecting Sensitive Data with Secure Data Enclaves

10.31219/osf.io/jmd7t ◽

2021 ◽

Author(s):

Mark Howison ◽

Mintaka Angell ◽

Michael Hicklen ◽

Justine S. Hastings

Keyword(s):

Data Sharing ◽

Data Use ◽

Data Access ◽

Cloud Services ◽

Reference Architecture ◽

Sensitive Data ◽

Technical Requirements ◽

Data Owner ◽

Secure Data ◽

Amazon Web Services

A Secure Data Enclave is a system that allows data owners to control data access and ensure data security while facilitating approved uses of data by other parties. This model of data use offers additional protections and technical controls for the data owner compared to the more commonly used approach of transferring data from the owner to another party through a data sharing agreement. Under the data use model, the data owner retains full transparency and auditing over the other party’s access, which can be difficult to achieve in practice with even the best legal instrument for data sharing. We describe the key technical requirements for a Secure Data Enclave and provide a reference architecture for its implementation on the Amazon Web Services platform using managed cloud services.

Download Full-text

A New Secure Model for Data Protection over Cloud Computing

Computational Intelligence and Neuroscience ◽

10.1155/2021/8113253 ◽

2021 ◽

Vol 2021 ◽

pp. 1-11

Author(s):

Amr M. Sauber ◽

Passent M. El-Kafrawy ◽

Amr F. Shawish ◽

Mohamed A. Amin ◽

Ismail M. Hagag

Keyword(s):

Cloud Computing ◽

Data Storage ◽

Data Protection ◽

Cloud Services ◽

Security And Privacy ◽

Storage Model ◽

Cloud Data ◽

Security Issues ◽

Data Owner ◽

Proposed Model

The main goal of any data storage model on the cloud is accessing data in an easy way without risking its security. A security consideration is a major aspect in any cloud data storage model to provide safety and efficiency. In this paper, we propose a secure data protection model over the cloud. The proposed model presents a solution to some security issues of cloud such as data protection from any violations and protection from a fake authorized identity user, which adversely affects the security of the cloud. This paper includes multiple issues and challenges with cloud computing that impairs security and privacy of data. It presents the threats and attacks that affect data residing in the cloud. Our proposed model provides the benefits and effectiveness of security in cloud computing such as enhancement of the encryption of data in the cloud. It provides security and scalability of data sharing for users on the cloud computing. Our model achieves the security functions over cloud computing such as identification and authentication, authorization, and encryption. Also, this model protects the system from any fake data owner who enters malicious information that may destroy the main goal of cloud services. We develop the one-time password (OTP) as a logging technique and uploading technique to protect users and data owners from any fake unauthorized access to the cloud. We implement our model using a simulation of the model called Next Generation Secure Cloud Server (NG-Cloud). These results increase the security protection techniques for end user and data owner from fake user and fake data owner in the cloud.

Download Full-text

Navigating a cloud services agreement

Australian Journal of Telecommunications and the Digital Economy ◽

10.18080/jtde.v1n1.218 ◽

2019 ◽

Vol 1 (1) ◽

Author(s):

Advokat Lars Perhard

Keyword(s):

Cloud Computing ◽

New Technology ◽

Informed Decision ◽

Legal Issues ◽

Cloud Services ◽

Security Issues ◽

Need For Information

Cloud Sweden is a story about how a group of experienced IT-people from different sectors of the industry came together and discussed a relatively new phenomenon called the Cloud; or what is today labelled as Cloud computing. And they realised there was a tremendous momentum and potential prosperity connected to it. They also concluded that in order to support potential users and to promote Sweden as an IT-oriented country in the forefront of the development there was a need for information – organisations considering migrating their IT functions to the Cloud should at least be able to make an informed decision. There are significant advantages with this new technology, but also a number of pitfalls that any user should be aware of. There were for example critical security issues at hand before when the servers were placed within the four walls of the office and there still are critical security issues relating to the Cloud. However, the issues to solve are different. Cloud Sweden was founded and the different branches of the group have produced a number of documents published on its website. Cloud Sweden has apart from a number of members working actively in the steering and competence groups several thousand members from the industry in a Linkedin network. In this article you will find a sample of what the legal group of Cloud Sweden has produced – a primer of legal issues that a migrant shall pay attention to before the leap into the Cloud.

Download Full-text

Mobile Cloud Computing

Applications of Security, Mobile, Analytic, and Cloud (SMAC) Technologies for Effective Information Processing and Management - Advances in Computer and Electrical Engineering ◽

10.4018/978-1-5225-4044-1.ch006 ◽

2018 ◽

pp. 105-123

Author(s):

Parkavi R ◽

Priyanka C ◽

Sujitha S. ◽

Sheik Abdullah A

Keyword(s):

Cloud Computing ◽

Mobile Computing ◽

Mobile Devices ◽

Mobile Cloud Computing ◽

Cloud Services ◽

Mobile Cloud ◽

Mobile Service ◽

Service Users ◽

Security Issues ◽

Mobile Computing Environment

Mobile Cloud Computing (MCC) which combines mobile computing and cloud computing, has become one of the industry ring words and a major conversation thread in the IT world with an explosive development of the mobile applications and emerging of cloud computing idea, the MCC has become a possible technology for the mobile service users. The concepts of Cloud computing are naturally meshed with mobile devices to allow on-the-go functionalities and benefits. The mobile cloud computing is emerging as one of the most important branches of cloud computing and it is expected to expand the mobile ecosystems. As more mobile devices enter the market and evolve, certainly security issues will grow as well. Also, enormous growth in the variety of devices connected to the Internet will further drive security needs. MCC provides a platform where mobile users make use of cloud services on mobile devices. The use of MCC minimizes the performance, compatibility, and lack of resources issues in mobile computing environment.

Download Full-text

Multi-Perspectives of Cloud Computing Service Adoption Quality and Risks in Higher Education

Handbook of Research on Modern Educational Technologies, Applications, and Management ◽

10.4018/978-1-7998-3476-2.ch001 ◽

2021 ◽

pp. 1-19

Author(s):

Mohammed Banu Ali

Keyword(s):

Cloud Computing ◽

Cloud Services ◽

Innovative Technology ◽

Sensitive Information ◽

Service Adoption ◽

Cloud Adoption ◽

Convincing Argument ◽

Security Issues ◽

Collaborative Tools ◽

Cloud Computing Service

Universities worldwide are starting to turn to cloud computing. The quality characteristics, which include access to a wider network of computing resources, pay-as-you-go services, self-services, agile services, and resource centralisation provide a convincing argument for HEIs to adopt cloud services. However, the risks leading to non-adoption range from security issues to a lack of cloud vendor support. The findings suggest that security, privacy, and trust are the key determinants to non-adoption as stakeholders felt that the cloud cannot fully guarantee the safeguarding of sensitive information. Key determinants to cloud adoption include improving relationships between students and teachers via collaborative tools and proposing cloud apps for mobile devices for accessing virtual learning materials and email securely off-campus. In conclusion, university stakeholders are still unconvinced about adopting cloud services, but future advances of the cloud may help to steer their decision to adopt this innovative technology given its overwhelming potential.

Download Full-text