scholarly journals Security Challenges over Cloud Environment from Service Provider Prospective

2020 ◽  
pp. 12-20
Author(s):  
Ahthasham Qureshi ◽  
Wahab Dashti ◽  
Asma Jahangeer ◽  
Afia Zafar
Keyword(s):  
Cloud Computing ◽  
Service Provider ◽  
Service Providers ◽  
Cloud Service ◽  
Data Availability ◽  
Virtual Storage ◽  
Survey Paper ◽  
Security Issues ◽  
High Security ◽  
Speed Up

Cloud computing becomes very popular and growing rapidly since the last few years, various information technology giants such as Amazon, Google, Microsoft and others speed up their growth in development of cloud computing systems and enhance services for consumers all over the world. Cloud computing provides virtual storage for the clients to avail storage, application, platform and services from their deployed servers over the internet. Various security issues such as; data insecure, data leakage, data availability, attacks; etc. could arise due to poor security policies. This paper discussed in detail security issues in terms of the CIA (Confidentiality, Integrity, and Availability) triangle from a service provider perspective over the services they provide to the end users. By these measurements high security can be achieve in cloud computing. Additionally, to protect confidential data from users on cloud the privacy actions are not updated accordingly. Severally, data backups on cloud cause high security risks. This survey paper analyzes the main security issues which are currently present in the cloud computing and offers best practices to service providers and enterprises hoping to control cloud service.  

Trust Management in Cloud Computing

2019 ◽  
pp. 1686-1711
Author(s):  
Vijay L. Hallappanavar ◽  
Mahantesh N. Birje
Keyword(s):  
Cloud Computing ◽  
Service Provider ◽  
Management System ◽  
Trust Management ◽  
Service Providers ◽  
Cloud Service ◽  
Network Access ◽  
Trust Value ◽  
Trust Management System ◽  
Computing Services

Cloud computing is a model for enabling everywhere, suitable, on-demand network access. There are a number of challenges to provide cloud computing services and to accomplish this, it is necessary to establish trust across the cloud, between the user and the service provider. It is becoming increasingly complex for cloud users to make distinction among service providers offering similar kinds of services. There must be some mechanisms in the hands of users to determine trustworthiness of service providers so that they can select service providers with confidence and with some degree of assurance that service provider will not behave unpredictably or maliciously. An effective trust management system helps cloud service providers and consumers reap the benefits brought about by cloud computing technologies. Hence the objective of this chapter is to describe existing mechanisms that are used to determine a trust worthiness of a cloud service, various models that are used for calculating a trust value and method to establish trust management system.

Security Aspects in Cloud Computing

2018 ◽  
pp. 54-76
Author(s):  
Tabassum N. Mujawar ◽  
Ashok V. Sutagundar ◽  
Lata L. Ragha
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Cloud Service ◽  
Third Party ◽  
Storage Security ◽  
Security Issues ◽  
Access Control Mechanism ◽  
And Storage ◽  
Privacy Issues ◽  
Different Levels

Cloud computing is recently emerging technology, which provides a way to access computing resources over Internet on demand and pay per use basis. Cloud computing is a paradigm that enable access to shared pool of resources efficiently, which are managed by third party cloud service providers. Despite of various advantages of cloud computing security is the biggest threat. This chapter describes various security concerns in cloud computing. The clouds are subject to traditional data confidentiality, integrity, availability and various privacy issues. This chapter comprises various security issues at different levels in environment that includes infrastructure level security, data level and storage security. It also deals with the concept of Identity and Access Control mechanism.

An Analysis on the Terms and Conditions of the Clickwrap Agreement and the Benefits of Maintaining the Click Wrap Agreement in Cloud Computing

2022 ◽  
pp. 205-224
Author(s):  
Dhiviya Ram
Keyword(s):  
Cloud Computing ◽  
Service Provider ◽  
Service Providers ◽  
Cloud Service ◽  
Cloud Services ◽  
End User ◽  
Cloud Service Provider ◽  
Novel Approach ◽  
Cloud Service Providers ◽  
Provider Perspective

One of the most unique forms of contracting is apparent in cloud computing. Cloud computing, unlike other conventional methods, has adopted a different approach in the formation of binding contract that will be used for the governance of the cloud. This method is namely the clickwrap agreement. Click wrap agreement follows a take it or leave it basis in which the end users are provided with limited to no option in terms of having a say on the contract that binds them during the use of cloud services. The terms found in the contract are often cloud service provider friendly and will be less favourable to the end user. In this article, the authors examine the terms that are often found in the cloud computing agreement as well as study the benefit that is entailed in adopting this contracting method. This chapter has undertaken a qualitative study that comprises interviews of cloud service providers in Malaysia. Hence, this study is a novel approach that also provides insight in terms of the cloud service provider perspective regarding the click wrap agreement.

Cloud computing security: protecting cloud-based smart city applications

2016 ◽  
Vol 2 (1) ◽  
Author(s):  
Alkiviadis Giannakoulias
Keyword(s):  
Cloud Computing ◽  
Public Sector ◽  
Service Provider ◽  
Key Management ◽  
Cloud Service ◽  
Transport Layer ◽  
Cloud Infrastructure ◽  
Security Issues ◽  
Standards Compliance ◽  
Security Standards

Data security is a major concern in cloud computing environments as they provide much scope for intruders to attack. Data centres in cloud environments hold valid information that end-users would conventionally have stored on their computers. Moving information towards centralised services may have an adverse effect on the security of users’ interactions with files kept in cloud cupboard spaces[1], for example accidental or deliberate alterations or deletions of information from the cloud server by the Cloud Service Provider (CSP). This necessitates the deployment of some sort of mechanism to ensure the safety of information integrity[2]. Public sector organisations have much to gain by adopting a cloud computing approach to service delivery in their ICT environments. However, these benefits must be reaped without compromising core requirements and institutional values.This paper focuses on the security issues that may arise when public sector organisations consider transitioning to an Open Source Software (OSS) Infrastructure as a Service (IaaS) Cloud Infrastructure (OpenStack), although the same issues are likely to be found in other OSS cloud computing software like Apache CloudStack[3], Eucalyptus[4], and OpenNebula[5]. We examine legal implications, regulatory and standards compliance, new attack vectors resulting from vulnerabilities coming from virtualisation technologies, data integrity issues such as encryption and access controls, and security checks to be performed on the services prior to their movement to the cloud. In addition, some of the most important security threats in cloud computing are presented, followed by key recommendations on how to address them, namely security standards and certifications, service provider auditing, secure APIs, transport layer protection, authentication and encryption key management, and cloud service agreements.

On Data Security and Encryption Algorithms in Cloud Environment

2014 ◽  
Vol 701-702 ◽  
pp. 1106-1111 ◽  
Author(s):  
Xin Zheng Zhang ◽  
Ya Juan Zhang
Keyword(s):  
Cloud Computing ◽  
Data Storage ◽  
Data Security ◽  
Service Providers ◽  
Cloud Service ◽  
Working Environment ◽  
Cloud Environment ◽  
Cloud Data ◽  
Security Issues ◽  
Encryption Algorithms

As information and processes are migrating to the cloud, Cloud Computing is drastically changing IT professionals’ working environment. Cloud Computing solves many problems of conventional computing. However, the new technology has also created new challenges such as data security, data ownership and trans-code data storage. We discussed about Cloud computing security issues, mechanism, challenges that Cloud service providers and consumers face during Cloud engineering. Based on concerning of security issues and challenges, we proposed several encryption algorithms to make cloud data secure and invulnerable. We made comparisons among DES, AES, RSA and ECC algorithms to find combinatorial optimization solutions, which fit Cloud environment well for making cloud data secure and not to be hacked by attackers.

A Compendium of Cloud Forensics

2020 ◽  
pp. 215-227
Author(s):  
Mohd. Akbar ◽  
Mohammad Suaib ◽  
Mohd. Shahid Husain ◽  
Saurabh Shukla
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Cloud Service ◽  
Legal Issues ◽  
Cloud Environment ◽  
Cyber Forensics ◽  
Cloud Forensics ◽  
Security Issues ◽  
Cloud Service Providers ◽  
Traditional Approaches

The cloud computing environment is one of the most promising technologies in the development of computing resources. The cloud service providers provide almost every resource for computing to their users through the internet. With all its advantages, cloud computing has major security issues. Especially in the case of public clouds, anyone can misuse the services for performing unlawful activities. The traditional approaches used for cyber forensics and network forensics are not adequate for the cloud environment because of many technical constraints. There is a need for setting up effective countermeasures that can help an investigator to identify and track unlawful activities happened in a cloud environment. Cloud forensics is an emerging area of research where the researchers aim to provide effective digital forensic techniques that help in the investigation of digital crimes in a cloud environment. The cloud environment helps to extract data even from devices that are not physically accessible. However, cloud forensics is not as easy as it seems; a lot of the success depends on the cloud service model implemented in the context. Getting the support of cloud service providers in accessing the potential sources of evidence necessary for investigation is also a major concern. Another critical aspect of cloud forensics is dealing with legal issues. This chapter discusses the basic concepts of cloud forensics, its challenges, and future directions.

Cloud Computing Security and Risk Management

2015 ◽  
pp. 1702-1720
Author(s):  
Yoshito Kanamori ◽  
Minnie Yi-Miin Yen
Keyword(s):  
Cloud Computing ◽  
Risk Management ◽  
Business Models ◽  
Service Providers ◽  
Rapid Evolution ◽  
Cloud Service ◽  
Security Issues ◽  
Cloud Environments ◽  
Networking Technologies ◽  
And Control

Cloud computing is changing the way corporate computing operates and forcing the rapid evolution of computing service delivery. It is being facilitated by numerous technological approaches and a variety of business models. Although utilizing the infrastructure of existing computing and networking technologies, different cloud service providers (CSPs) are able to unite their efforts and address a much broader business space. As a result, confusion has emerged and questions have risen from both Information Technology (IT) and business communities. How cloud environments differ from traditional models, and how these differences affect their adoption are of major importance. In this chapter, the authors first clarify misperceptions by introducing the new threats and challenges involved in cloud environments. Specifically, security issues and concerns will be depicted in three practical scenarios designed to illuminate the different security problems in each cloud deployment model. The chapter also further discusses how to assess and control the concerns and issues pertaining to the security and risk management implementations.

scholarly journals Implementing Fuzzy TOPSIS in Cloud Type and Service Provider Selection

2018 ◽  
Vol 2018 ◽  
pp. 1-12 ◽  
Author(s):  
Aveek Basu ◽  
Sanchita Ghosh
Keyword(s):  
Cloud Computing ◽  
Service Provider ◽  
Service Providers ◽  
Multicriteria Decision Making ◽  
Leading Edge ◽  
Cloud Service ◽  
Fuzzy Topsis ◽  
End Users ◽  
Market Demand ◽  
Cloud Service Providers

Cloud computing can be considered as one of the leading-edge technological advances in the current IT industry. Cloud computing or simply cloud is attributed to the Service Oriented Architecture. Every organization is trying to utilize the benefit of cloud not only to reduce the cost overhead in infrastructure, network, hardware, software, etc., but also to provide seamless service to end users with the benefit of scalability. The concept of multitenancy assists cloud service providers to leverage the costs by providing services to multiple users/companies at the same time via shared resource. There are several cloud service providers currently in the market and they are rapidly changing and reorienting themselves as per market demand. In order to gain market share, the cloud service providers are trying to provide the latest technology to end users/customers with the reduction of costs. In such scenario, it becomes extremely difficult for cloud customers to select the best service provider as per their requirement. It is also becoming difficult to decide upon the deployment model to choose among the existing ones. The deployment models are suitable for different companies. There exist divergent criteria for different deployment models which are not tailor made for an organization. As a cloud customer, it is difficult to decide on the model and determine the appropriate service provider. The multicriteria decision making method is applied to find out the best suitable service provider among the top existing four companies and choose the deployment model as per requirement.

scholarly journals Performance Improvement of MONCRYPT SSA Over Data Obfuscation in Cloud Security

2019 ◽  
Vol 9 (2) ◽  
pp. 1006-1010
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Distributed Storage ◽  
Cloud Service ◽  
Present System ◽  
Security Issues ◽  
Computing Services ◽  
Information Technology Services ◽  
Technology Services ◽  
Security As A Service

Cloud computing means a set of Information Technology services offered to the users over the web on a rented base. Cloud computing has several benefits like pliable, planning, scalability, combination, and rebate .Security is one in every of the most challenges that hinder the expansion of cloud computing. This study introduces a brief analysis of the issues and challenges of cloud computing security. “Cloud computing services will be varied and must be defined from the perspective of the users of the service. Security of information keep within the cloud is most imperative test publically cloud setting. Due the security issues, information are uncovered by Cloud Service Providers (CSP) and others clients of cloud. To verify the information from security lapse, we are using Security Algorithm , named MONcrypt SSA to protect the data in cloud depository . The proposed technique is depend on information jumbling strategies. The MONcrypt SSA depends on Security as a Service (SEaaS). In this we can utilize the JAVA to recreation of results is utilized for measure the security of propose and existing jumbling procedures. MONcrypt contrast and present jumbling procedure that is Base64Encoding .The anticipated strategy gives better and shrewd security in examination with present obscurity strategies. Not at all like present system, MONcrypt diminishes the size of information that will be transferred in distributed storage.

Cloud Computing Security and Risk Management

2012 ◽  
pp. 222-240
Author(s):  
Yoshito Kanamori ◽  
Minnie Yi-Miin Yen
Keyword(s):  
Cloud Computing ◽  
Risk Management ◽  
Business Models ◽  
Service Providers ◽  
Rapid Evolution ◽  
Cloud Service ◽  
Security Issues ◽  
Cloud Environments ◽  
Networking Technologies ◽  
And Control

Cloud computing is changing the way corporate computing operates and forcing the rapid evolution of computing service delivery. It is being facilitated by numerous technological approaches and a variety of business models. Although utilizing the infrastructure of existing computing and networking technologies, different cloud service providers (CSPs) are able to unite their efforts and address a much broader business space. As a result, confusion has emerged and questions have risen from both Information Technology (IT) and business communities. How cloud environments differ from traditional models, and how these differences affect their adoption are of major importance. In this chapter, the authors first clarify misperceptions by introducing the new threats and challenges involved in cloud environments. Specifically, security issues and concerns will be depicted in three practical scenarios designed to illuminate the different security problems in each cloud deployment model. The chapter also further discusses how to assess and control the concerns and issues pertaining to the security and risk management implementations.

Sign in / Sign up

Export Citation Format

Share Document