Secure Server Key Management Designs for the Public Cloud

Machine Learning and Artificial Intelligence - Frontiers in Artificial Intelligence and Applications ◽

10.3233/faia200789 ◽

2020 ◽

Author(s):

Kevin Foltz ◽

William R. Simpson

Keyword(s):

Key Management ◽

Web Server ◽

Free Access ◽

Cloud Provider ◽

Public Cloud ◽

Web Based ◽

The Public ◽

Cloud Providers ◽

Enterprise Level ◽

Secure Server

The Enterprise Level Security (ELS) model focuses on designing secure, distributed web-based systems starting from basic principles. One area of ELS that poses significant design challenges is protection of web server private keys in a public cloud. Web server private keys are of critical importance because they control who can act as the server to represent the enterprise. This includes responding to requests as well as making requests within the enterprise and to its partners. The cloud provider is not part of this trusted network of servers, so the cloud provider should not have access to server private keys. However, current cloud systems are designed to allow cloud providers free access to server private keys. This paper proposes design solutions to securely manage private keys in a public cloud. An examination of commonly used approaches demonstrates the ease with which cloud providers can currently control server private keys. Two designs are proposed to prevent cloud provider access to keys, and their implementation issues are discussed.

Download Full-text

IP Spoofing In and Out of the Public Cloud: From Policy to Practice

Computers ◽

10.3390/computers8040081 ◽

2019 ◽

Vol 8 (4) ◽

pp. 81 ◽

Cited By ~ 1

Author(s):

Natalija Vlajic ◽

Mashruf Chowdhury ◽

Marin Litoiu

Keyword(s):

Real World ◽

Service Providers ◽

Denial Of Service ◽

Research Literature ◽

Third Party ◽

Cloud Provider ◽

Public Cloud ◽

The Public ◽

Cloud Providers ◽

Ip Spoofing

In recent years, a trend that has been gaining particular popularity among cybercriminals is the use of public Cloud to orchestrate and launch distributed denial of service (DDoS) attacks. One of the suspected catalysts for this trend appears to be the increased tightening of regulations and controls against IP spoofing by world-wide Internet service providers (ISPs). Three main contributions of this paper are (1) For the first time in the research literature, we provide a comprehensive look at a number of possible attacks that involve the transmission of spoofed packets from or towards the virtual private servers hosted by a public Cloud provider. (2) We summarize the key findings of our research on the regulation of IP spoofing in the acceptable-use and term-of-service policies of 35 real-world Cloud providers. The findings reveal that in over 50% of cases, these policies make no explicit mention or prohibition of IP spoofing, thus failing to serve as a potential deterrent. (3) Finally, we describe the results of our experimental study on the actual practical feasibility of IP spoofing involving a select number of real-world Cloud providers. These results show that most of the tested public Cloud providers do a very good job of preventing (potential) hackers from using their virtual private servers to launch spoofed-IP campaigns on third-party targets. However, the same very own virtual private servers of these Cloud providers appear themselves vulnerable to a number of attacks that involve the use of spoofed IP packets and/or could be deployed as packet-reflectors in attacks on third party targets. We hope the paper serves as a call for awareness and action and motivates the public Cloud providers to deploy better techniques for detection and elimination of spoofed IP traffic.

Download Full-text

Regulations and Standards in Public Cloud

Journal of Information Technology Research ◽

10.4018/jitr.2020070102 ◽

2020 ◽

Vol 13 (3) ◽

pp. 21-36

Author(s):

Jitendra Singh ◽

Kamlesh Kumar Raghuvanshi

Keyword(s):

Data Center ◽

Critical Issue ◽

Regulatory Compliance ◽

Cloud Provider ◽

Security Threats ◽

Public Cloud ◽

The Public ◽

Regulatory Standards ◽

The One ◽

Security Standards

Security is a critical issue particularly in public cloud as it rests with the cloud providers. During security implementation, prevailing security threats and regulatory standards are borne in mind. Regulatory compliance varies from one cloud provider to another according to their maturity and location of the data center. Thus, subscribers need to verify the security requirement meeting their objective and the one implemented by the public cloud provider. To this end, subscribers need to visit each cloud provider's site to view the compliance. This is a time-consuming activity at the same time difficult to locate on a website. This work presents the prominent security standards suggested by the leading security institutions including NIST, CSA, ENISA, ISO, etc., that are applicable to the public cloud. A centrally-driven scheme is proposed in order to empower the subscriber to know the regulation and standards applicable according to their services need. The availability of an exhaustive list at one place will lower the users hassle at subscription time.

Download Full-text

SISTEM INFORMASI PELAPORAN REALISASI ANGGARAN PENDAPATAN DAN BELANJA DESA BERBASIS WEB

NJCA (Nusantara Journal of Computers and Its Applications) ◽

10.36564/njca.v3i1.61 ◽

2018 ◽

Vol 3 (1) ◽

Author(s):

Siti Sufaidah ◽

Muhyiddin Zainul Arifin ◽

Mochammad Chumaidi

Keyword(s):

Information System ◽

Web Server ◽

Web Based ◽

Or Management ◽

Software Application ◽

The Public ◽

Design Software ◽

To Come ◽

The Village ◽

The Web

Revenue and Expenditure Budget Village or abbreviated to APBDes every year among all the village's equipment is always busy with the utilization or management of village revenues to be allocated to several activities that aim to build the village. The main obstacles in APBDes management are lack of reporttransparency, inefficient performance, inadequate reporting thus hampering the implementation of rural development. As a form of effort to overcome this problem, it is necessary to design software application reports realization of web-based village budget usage. APBDes realization information system is web-based, using PHP web programming language and MySQL database. In implementing this system, it must be implemented or uploaded on the web server to be accessible on the internet. Because this implementation isexperimental, the author uses the XAMPP application as his web server. With the presence of these systems, the public can get information about APBDes easily without having to come to the village hall or ask for the explanation to the village apparatus and Government at the kecamatan level can also control and evaluate the reporting of APBDes relaisaasi online. So the transparency of realization of APBDes can be realized and able to answer people's doubts about the village apparatus and monitor the progress and development of their village.Keywords:APBDes, Information System, Website, Reporting, Village Finance

Download Full-text

A Comparative Analysis of Public Cloud Platforms and Introduction of Multi-Cloud

Volume 5 - 2020, Issue 9 - September - International Journal of Innovative Science and Research Technology ◽

10.38124/ijisrt20sep234 ◽

2020 ◽

Vol 5 (9) ◽

pp. 448-454

Author(s):

Aditi Rajan Khot

Keyword(s):

Cloud Computing ◽

Comparative Analysis ◽

Network Architecture ◽

Economies Of Scale ◽

Cloud Provider ◽

Public Cloud ◽

End User ◽

Optimal Service ◽

Cloud Providers ◽

Multi Cloud

Cloud computing is an accepted widely, emerging paradigm for its ‘pay as you go’ approach, massive economies of scale, and global in minutes concept. Over the years, different cloud providers have emerged with various services to meet the requirements of the end-user. Because of an increase in the diversity of services, the complexity increases. Customers cannot decide the optimal service to fulfill their requirements. This paper provides a comparative analysis of services of top public cloud providers namely, AWS, GCP, Oracle, and Microsoft Azure. Public cloud-provider strives to be efficient in every technological aspect, though some are better for certain tasks than others. This paper, as a solution, introduces the concept of Multi-Cloud computing, to leverage the benefits of the different cloud providers and to maximize their utility in single network architecture.

Download Full-text

A Review on Security Aspects and Countermeasures for Cloud Computing

SMART MOVES JOURNAL IJOSCIENCE ◽

10.24113/ijoscience.v7i8.402 ◽

2021 ◽

pp. 38-43

Author(s):

Rajat Maheshwari

Keyword(s):

Cloud Computing ◽

Large Scale ◽

Personal Information ◽

Cloud Security ◽

Public Cloud ◽

The Public ◽

Tremendous Progress ◽

Cloud Providers ◽

Security Concerns

For large-scale companies or people that desire a range of system services at a cheap cost, cloud computing is now the most popular phenomena to use. Personal information is frequently kept in a public cloud that is open to the public. This fundamental raises a number of concerns about cloud providers' flexible services, including confidentiality, persistence, and endurance. The paper aims to better understand cloud components, security concerns, and dangers, as well as developing solutions that might help minimise cloud vulnerabilities. It is a well-known truth that the cloud has been a viable hosting platform since 2008; nevertheless, the view of cloud security is that it requires major changes in order to achieve higher rates of adaptability at the corporate scale. Many of the difficulties affecting cloud computing need to be rectified immediately. The industry has made tremendous progress in combating cloud computing risks, but there is still work to be done to reach the level of maturity that traditional/on-premise hosting has.

Download Full-text

A Stackelberg Game Approach toward Migration of Enterprise Applications to the Cloud

Mathematics ◽

10.3390/math9192348 ◽

2021 ◽

Vol 9 (19) ◽

pp. 2348

Author(s):

Shiyong Li ◽

Wenzhe Li ◽

Huan Liu ◽

Wei Sun

Keyword(s):

Energy Consumption ◽

Optimization Problem ◽

Stackelberg Game ◽

Dynamic Game ◽

Good Choice ◽

Cloud Provider ◽

Public Cloud ◽

Migration Process ◽

Cloud Resource Management ◽

The Public

With the development of cloud computing, more and more cloud resources are rented or purchased by users. Using an economics approach to achieve cloud resource management has been thought of as a good choice for an enterprise user to complete an application’s migration and deployment into the public cloud. During an application’s migration process, it is important but very challenging to achieve the satisfaction of both the enterprise user and the public cloud provider at the same time. In this paper, we apply an economics approach to investigate the migration optimization problem during the migration process of applications from the enterprise user’s data center to the remote public cloud. We consider the application migration time of the enterprise user and the energy consumption of physical machines, and establish a single static round optimization problem for both the enterprise user and the cloud provider on the premise of satisfying the quality of experience (QoE) based on the Stackelberg game, where the public cloud provider is leader and the enterprise user is follower. Then we propose a novel algorithm to find the optimal physical machine placement for application migration. After that, we further consider that an enterprise user needs to migrate several applications, and extend the single-round static game to the multi-round dynamic game, where the energy consumption costs of the physical machines are reduced by adjusting the states of the physical machines in each round. We finally illustrate the performance of our scheme through some simulation results.

Download Full-text

A Review on Load Balancing Model Using Best Partition Technique

International Journal of Advanced Research in Computer Science and Software Engineering ◽

10.23956/ijarcsse.v7i8.69 ◽

2017 ◽

Vol 7 (8) ◽

pp. 284

Author(s):

M. Chaitanya ◽

K. Durga Charan

Keyword(s):

Cloud Computing ◽

Fault Tolerance ◽

Load Balancing ◽

Load Balance ◽

Large Impact ◽

Cloud Environment ◽

Public Cloud ◽

The Public ◽

Partition Technique ◽

Textual Content

Load balancing makes cloud computing greater knowledgeable and could increase client pleasure. At reward cloud computing is among the all most systems which offer garage of expertise in very lowers charge and available all the time over the net. However, it has extra vital hassle like security, load administration and fault tolerance. Load balancing inside the cloud computing surroundings has a large impact at the presentation. The set of regulations relates the sport idea to the load balancing manner to amplify the abilties in the public cloud environment. This textual content pronounces an extended load balance mannequin for the majority cloud concentrated on the cloud segregating proposal with a swap mechanism to select specific strategies for great occasions.

Download Full-text

DESIGN AND DEVELOPMENT OF POPULATION SERVICE ADMINISTRATION SYSTEM WITH PIECES METHOD IN KEMIRI VILLAGE HEAD OFFICE BANTEN

ADI Journal on Recent Innovation (AJRI) ◽

10.34306/ajri.v1i1.98 ◽

2019 ◽

Vol 1 (1) ◽

pp. 33-45

Author(s):

Rosdiana Rosdiana ◽

Padeli Padeli ◽

Revi Sajidah Sri Handayani ◽

Rifky Alfian

Keyword(s):

Human Error ◽

Unified Modeling Language ◽

Integrated System ◽

Web Based ◽

Administration System ◽

Unified Modeling ◽

The Public ◽

File Storage ◽

The Government ◽

The Village

The public service administration system at the government offices of the Kemiri village office in the Kemiri District currently does not have a computerized and integrated system. Because the system runs, residents who submit letters for administrative completeness, still use the Ms.Word / Ms.Excel application. of course has many weaknesses including human error, not neat in file storage, resulting in the lengthy process of searching and making a cover letter and required reports. The analytical method used in this study is to use PIECES (Performance, Informance, Economy, Control, Efficiency, Service) analysis, the design of the model uses UML (Unified Modeling Language). The results of this study are web-based letter information systems at the Office of the Village Chief of Kemiri that can accessed using a local computer browser. Thus the information letter needed by the Kemiri Village community and more effective and efficient in making the letter.

Download Full-text

DELIVERING KENTUCKY GEOLOGIC MAP INFORMATION TO THE PUBLIC: FIFTEEN YEARS OF AN EVOLVING WEB-BASED MAP SERVICE

10.1130/abs/2020am-357196 ◽

2020 ◽

Author(s):

Douglas C. Curl ◽

Keyword(s):

Web Based ◽

The Public ◽

Geologic Map ◽

Map Service

Download Full-text

Quantifying Media Effects, Its Content, and Role in Promoting Community Awareness of Chikungunya Epidemic in Bangladesh

Epidemiologia ◽

10.3390/epidemiologia2010008 ◽

2021 ◽

Vol 2 (1) ◽

pp. 84-94

Author(s):

Mst. Marium Begum ◽

Osman Ulvi ◽

Ajlina Karamehic-Muratovic ◽

Mallory R. Walsh ◽

Hasan Tarek ◽

...

Keyword(s):

Social Media ◽

Web Based ◽

Study Objective ◽

The Public ◽

Mainstream Media ◽

Related Information ◽

Vector Borne ◽

Media Outlet ◽

And Control

Background: Chikungunya is a vector-borne disease, mostly present in tropical and subtropical regions. The virus is spread by Ae. aegypti and Ae. albopictus mosquitos and symptoms include high fever to severe joint pain. Dhaka, Bangladesh, suffered an outbreak of chikungunya in 2017 lasting from April to September. With the goal of reducing cases, social media was at the forefront during this outbreak and educated the public about symptoms, prevention, and control of the virus. Popular web-based sources such as the top dailies in Bangladesh, local news outlets, and Facebook spread awareness of the outbreak. Objective: This study sought to investigate the role of social and mainstream media during the chikungunya epidemic. The study objective was to determine if social media can improve awareness of and practice associated with reducing cases of chikungunya. Methods: We collected chikungunya-related information circulated from the top nine television channels in Dhaka, Bangladesh, airing from 1st April–20th August 2017. All the news published in the top six dailies in Bangladesh were also compiled. The 50 most viewed chikungunya-related Bengali videos were manually coded and analyzed. Other social media outlets, such as Facebook, were also analyzed to determine the number of chikungunya-related posts and responses to these posts. Results: Our study showed that media outlets were associated with reducing cases of chikungunya, indicating that media has the potential to impact future outbreaks of these alpha viruses. Each media outlet (e.g., web, television) had an impact on the human response to an individual’s healthcare during this outbreak. Conclusions: To prevent future outbreaks of chikungunya, media outlets and social media can be used to educate the public regarding prevention strategies such as encouraging safe travel, removing stagnant water sources, and assisting with tracking cases globally to determine where future outbreaks may occur.

Download Full-text